JaffaCakes118_7677a6af02db7d0acb03814dc3a82480

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7677a6af02db7d0acb03814dc3a82480
Size

522KB
MD5

7677a6af02db7d0acb03814dc3a82480
SHA1

a68e868dc0d70ff0e5b09161b032b5b15b8ad181
SHA256

2ca45843fa315e3630488024224f89bc5243cef81ba2425b46ee1ba5fd7c65bf
SHA512

0475e0b970ffaed1f7eebb7ddb85a02d902e062572752834144eaa6f4ce8a614cf67887dbc2eb26759633f270348f1268dae28f5c324846805e63140bb961a1a
SSDEEP

12288:ddois+lBukWg366g6C1bZqhLZqtqEcOZVPTMle:A9IqjhZsaVse

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7677a6af02db7d0acb03814dc3a82480

Files

JaffaCakes118_7677a6af02db7d0acb03814dc3a82480
.exe windows:5 windows x86 arch:x86

87d83b1b20db42a9ac945c140f52cba3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapReAlloc
LoadLibraryW
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameW
ExitProcess
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
HeapCreate
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
WriteConsoleW
FlushFileBuffers
CreateFileW
lstrcpyA
GetLastError
FormatMessageA
GetModuleFileNameA
lstrcatA
LoadLibraryA
FindFirstFileA
FindClose
Sleep
GetProcAddress
lstrlenA
lstrcpynA
HeapAlloc
CreateFileA
GetLocalTime
WriteFile
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
HeapFree
RtlUnwind
RaiseException
GetModuleHandleA

user32

CreateAcceleratorTableA
RegisterClassA
GetSystemMetrics
SetForegroundWindow
SendMessageA
GetDlgItem
GetClientRect
ModifyMenuA
CreateWindowExA
LoadStringA
DestroyWindow
ShowWindow
GetMenu
GetSubMenu
SetMenuItemInfoA
LoadIconA
LoadCursorA
GetSysColorBrush
RegisterClassExA
UpdateWindow
UnregisterClassA
DefWindowProcA
SendInput
GetMenuItemCount
GetMenuStringA
GetMenuItemInfoA
InsertMenuItemA
BeginPaint
wsprintfA
EndPaint
GetForegroundWindow
GetWindowTextW
MonitorFromRect
GetMonitorInfoA
GetWindowRect
SetWindowPos
GetWindowTextA
GetWindowTextLengthA
IsDlgButtonChecked
SetWindowTextA
EnableWindow
GetDC
ReleaseDC
CreateWindowExW
SetWindowTextW
MoveWindow
MonitorFromWindow
SystemParametersInfoA
IsWindow
GetClassLongA
GetWindow
wvsprintfA
OpenClipboard
EndDialog
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
GetClipboardData
ScreenToClient
FindWindowA
MessageBoxA
IsIconic

gdi32

CreateFontIndirectA
GetDeviceCaps
CreateFontA
SaveDC
SelectObject
TextOutA
DeleteObject
AddFontResourceA
CreatePen
GetCurrentPositionEx
MoveToEx
LineTo
CreateSolidBrush
Ellipse
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
PatBlt
DeleteDC
RestoreDC

advapi32

ReadEventLogA
OpenProcessToken
OpenEventLogA
GetNumberOfEventLogRecords
CloseEventLog

shell32

Shell_NotifyIconA

ole32

OleSetContainedObject
OleCreateStaticFromData
CoInitialize
OleGetClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoUninitialize

shlwapi

PathRemoveArgsA
StrCmpNIA
PathFindFileNameA

comctl32

ord17

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87d83b1b20db42a9ac945c140f52cba3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 272KB - Virtual size: 271KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 160KB - Virtual size: 160KB

.text
Size: 272KB - Virtual size: 271KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 160KB - Virtual size: 160KB