JaffaCakes118_77d0467b6be8cdbfabb8ecd63016dd20

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_77d0467b6be8cdbfabb8ecd63016dd20
Size

519KB
MD5

77d0467b6be8cdbfabb8ecd63016dd20
SHA1

4c0fc078407e3b64e6e99600e6740d8913a56721
SHA256

af13afd77ebd03117bd3b36d08a7066d3ee9ef64051c003a09ae8859bc47384d
SHA512

8825fa49bc69ab67507150f938a0cca3ca9aa7108396eaaad6baaab304a99441dfe749c122857491c3636d31c36a0b1b7ac974e61f5fa47771ae1cba9a2f4648
SSDEEP

12288:+DAA46NWxzdfL19YLl84rkdJ45sWT6AlTCVTthwaRI:+DgxhfLsgda/GsGtaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_77d0467b6be8cdbfabb8ecd63016dd20

Files

JaffaCakes118_77d0467b6be8cdbfabb8ecd63016dd20
.exe windows:5 windows x86 arch:x86

952dd6cddae868fb659301bea01d7df6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

PDB Paths

E:\cut\interfacedthe\URIPthe\numbe.pdb

Imports

kernel32

FreeLibrary
GetStringTypeW
LCMapStringW
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
MultiByteToWideChar
LoadLibraryW
OutputDebugStringW
WriteConsoleW
GetSystemTimeAsFileTime
ExitProcess
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
LoadLibraryA
FindClose
GetProcessHeaps
GetCurrentDirectoryW
GetLastError
FindFirstFileA
GetStdHandle
SetConsoleCursorPosition
GetLogicalDrives
InterlockedDecrement
FillConsoleOutputCharacterA
HeapAlloc
lstrlenA
OutputDebugStringA
WriteFile
HeapCreate
GetFileType
SetHandleCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
SetLastError
GetEnvironmentStringsW
WideCharToMultiByte
GetModuleHandleW
TlsFree
GetCurrentThreadId
FreeEnvironmentStringsW
GetProcessHeap
VirtualQuery
SetStdHandle
CreateFileW
CloseHandle
FlushFileBuffers
GetProcAddress
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetModuleFileNameW
RaiseException
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleFileNameA

user32

SendMessageA
DefWindowProcA
LoadCursorA
FindWindowA
SetWindowTextA
GetSystemMetrics
GetClassInfoA
SetMenu
EndPaint
PostQuitMessage
KillTimer
GetFocus
LoadIconA
wsprintfA
GetClientRect
ExitWindowsEx
GetWindowTextLengthA
SetClassLongA
BeginPaint
GetDC
GetWindowTextA
GetKeyboardLayout
InvalidateRect
UnregisterClassA
ReleaseDC
ShowWindow

gdi32

MoveToEx
BitBlt
LineTo
SetWindowExtEx
DeleteDC
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
SetMapMode
CreateCompatibleBitmap
GetMapMode
CreatePen
SetViewportExtEx
GetTextMetricsA
GetObjectA
GetStockObject
TextOutA

comdlg32

ReplaceTextA

advapi32

CloseEventLog
ClearEventLogA
OpenEventLogA

ole32

CoInitializeSecurity
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
VariantChangeType
VariantInit
VariantClear
SysStringLen
SysAllocString

userenv

GetProfilesDirectoryA

msacm32

acmStreamUnprepareHeader

version

GetFileVersionInfoW

imm32

ImmGetDefaultIMEWnd
ImmGetDescriptionA
ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext
ImmGetCandidateListA
ImmGetConversionStatus

Exports

Exports

Pi

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

952dd6cddae868fb659301bea01d7df6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

userenv

msacm32

version

imm32

Exports

Exports

Sections

.text Size: 318KB - Virtual size: 317KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 44KB - Virtual size: 51KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 318KB - Virtual size: 317KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 44KB - Virtual size: 51KB

.rsrc
Size: 98KB - Virtual size: 98KB