JaffaCakes118_76f96f8e8c9f854a53d81625a0d3fe26

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_76f96f8e8c9f854a53d81625a0d3fe26
Size

459KB
MD5

76f96f8e8c9f854a53d81625a0d3fe26
SHA1

74bb8715260e08be61c0dcfda12897f6e4cb329c
SHA256

656e7f65de58471265eb496316b5872aab2e6dae899c2ac872d5878b8f2e19d4
SHA512

98f45941eb9a4343337d8867cfa2d41a130240ad284c73024a9ff9d7af93ed90ebc09fc5f08403443170b990f8c7f9630b26276cddeca8512a1fff176d18d459
SSDEEP

12288:crFC8npMzWFOvFuTGTI1yIqE/ydohlMsUJh4o:cjEvFuCTxIqBQ2sUJh4o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_76f96f8e8c9f854a53d81625a0d3fe26

Files

JaffaCakes118_76f96f8e8c9f854a53d81625a0d3fe26
.exe windows:5 windows x86 arch:x86

e9f6295d2d4928ea1567e3c1eecf7f74

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

GetStringTypeW
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryW
Sleep
WriteConsoleW
MultiByteToWideChar
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
DecodePointer
ExitProcess
GetModuleHandleW
CreateFileW
HeapReAlloc
SetStdHandle
GetProfileIntA
WriteProfileStringA
WideCharToMultiByte
GetLastError
lstrlenA
HeapCreate
SetFileApisToOEM
GlobalLock
GlobalUnlock
CreateFileA
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
HeapFree
RtlUnwind
RaiseException
FindFirstFileA
FindNextFileA
FindClose
lstrcatA
DeleteCriticalSection
lstrcpyA
DeviceIoControl
CloseHandle
FlushFileBuffers
lstrcmpiA
CompareStringA
GetEnvironmentVariableW
LeaveCriticalSection
LoadLibraryA

user32

SetCursor
SetCapture
CloseClipboard
GetWindowThreadProcessId
OpenClipboard
IsClipboardFormatAvailable
DestroyWindow
AttachThreadInput
EnumDesktopsA
GetDlgItemTextA
BringWindowToTop
GetKeyNameTextA
GetScrollInfo
LoadCursorA
LoadIconA
KillTimer
CopyImage
SetTimer
GetForegroundWindow
GetFocus
InsertMenuA
CreateMenu
GetDlgItemTextW
DestroyAcceleratorTable
EndPaint
MessageBoxA
GetClipboardData
SendMessageA
WindowFromPoint
GetClassNameA
MessageBeep
wsprintfA
GetWindowLongA
GetSystemMetrics
GetDlgItem
FindWindowA
FindWindowExA
LoadStringA
GetSysColorBrush
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
CheckDlgButton
IsDlgButtonChecked
SetWindowTextA
PostQuitMessage
DefWindowProcA
SetDlgItemInt
GetDlgItemInt
EndDialog
IsWindowVisible
GetParent
IsIconic
GetClientRect
InvalidateRect
GetWindowRect
GetDC
SetWindowPos
RegisterClassExA
ShowWindow
SetForegroundWindow
SetFocus
BeginPaint

gdi32

GetTextExtentPoint32A
SelectPalette
CreateHalftonePalette
DeleteObject
GetObjectA
CreateICA
GetTextMetricsA
DeleteDC
RealizePalette
TextOutA
ChoosePixelFormat
SetPixelFormat

advapi32

CryptSetProviderA
GetNumberOfEventLogRecords

shell32

SHBrowseForFolderA

ole32

CoGetClassObject
CoTaskMemFree
CoInitialize
CoCreateInstance

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SysFreeString
SysStringLen
VariantInit
SysAllocStringLen

msacm32

acmDriverEnum
acmDriverPriority

winmm

waveOutGetNumDevs
mmioOpenA
mmioCreateChunk
mmioWrite
mmioClose

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

StrToIntExA
StrToIntA
StrChrA

comctl32

ImageList_Create
ImageList_Add
ImageList_GetImageCount
ImageList_Draw
ImageList_GetImageInfo

activeds

ord3

gdiplus

GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

opengl32

wglCreateContext
wglMakeCurrent

imm32

ImmGetContext
ImmGetOpenStatus
ImmSetOpenStatus
ImmGetConversionStatus
ImmReleaseContext

urlmon

CoInternetGetSession

snmpapi

SnmpSvcGetUptime
SnmpUtilMemAlloc

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9f6295d2d4928ea1567e3c1eecf7f74

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msacm32

winmm

version

shlwapi

comctl32

activeds

gdiplus

opengl32

imm32

urlmon

snmpapi

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 90KB - Virtual size: 90KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 90KB - Virtual size: 90KB

.reloc
Size: 8KB - Virtual size: 8KB