JaffaCakes118_786202e85971fe480f5134f2e7f05478

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_786202e85971fe480f5134f2e7f05478
Size

210KB
MD5

786202e85971fe480f5134f2e7f05478
SHA1

468380670cd00afe4053aba20adea53954df5004
SHA256

0b225f1302d65e3f342bdf13a2bcba5ca82873d03a90355b4e048c623d298bd0
SHA512

a6fc4b43ca1d211692d0db4260b858951c09fd3920bcb3312ac1e66011f727b305662f1a569e86b76b1b57ac2b47e1313fcf068cc3b03cc9a20016259d2ee725
SSDEEP

6144:T7xbm2ovXZr6nwnkrJjA1uWuS05Nw3rlkq9xPgLO:T7xkQrJ2oEOWqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_786202e85971fe480f5134f2e7f05478

Files

JaffaCakes118_786202e85971fe480f5134f2e7f05478
.exe windows:4 windows x86 arch:x86

125115444f0d0181ff7cf65b4d28d544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
ReadFile
GlobalGetAtomNameW
GetModuleFileNameA
FatalAppExitW
CreateMutexA
GetModuleHandleA
FindAtomA
GetUserDefaultLCID
OpenMutexA
GetLogicalDrives
GetTempFileNameA
Beep
ReadDirectoryChangesW
DisconnectNamedPipe
CreateSemaphoreW
OpenSemaphoreW
GetEnvironmentVariableA
CompareStringW
lstrlenA
SetPriorityClass
GetCommandLineW
GetSystemDirectoryA
GlobalGetAtomNameA
lstrcpynA
GetCPInfo
FindResourceA
OpenWaitableTimerW
QueryPerformanceCounter
EnumTimeFormatsA
SetCurrentDirectoryA
IsBadCodePtr
GetTimeFormatA
lstrcmp
GetVersion
CreateFileA
EndUpdateResourceW
SetCurrentDirectoryW
lstrcpyA
GetTimeFormatW
CopyFileExW
IsValidCodePage
GetCalendarInfoW
GetTempFileNameW
ExitProcess
GetComputerNameA
GetProcAddress
DosDateTimeToFileTime
GetSystemTime
lstrcpyW
GetSystemDefaultLangID
ExpandEnvironmentStringsW
OpenWaitableTimerA
GetCurrentProcess
CreateFileMappingA

user32

GetMessageW
SetWindowTextA
SetParent
GetClassInfoExA
GetWindowLongA
SetTimer
IsWindowEnabled
TrackPopupMenuEx
SetCursor
SendDlgItemMessageA
RegisterClassExA
GetActiveWindow
GetDlgItemTextA
CharNextW
CheckMenuRadioItem
FillRect
CreateDesktopA
CreateDialogIndirectParamA
LoadCursorW
DefDlgProcA
CreateWindowExW
InsertMenuA
GetClassLongW

gdi32

ExtCreateRegion
Ellipse
GetDeviceCaps
GetAspectRatioFilterEx
SetAbortProc
SelectBrushLocal
SetArcDirection
FloodFill
CreateDCA
GetSystemPaletteEntries
FillPath
GetCharWidthFloatW
AnimatePalette
ExtFloodFill
ExcludeClipRect

advapi32

RegReplaceKeyA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyExW
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA

oleaut32

VarCyCmp
VariantChangeTypeEx
VarI4FromStr
VarUI1FromI4

inetcomm

CreatePOP3Transport
MimeOleSMimeCapsToDlg
MimeOleGetDefaultCharset
EssSecurityLabelEncodeEx
MimeOleGenerateFileName
MimeOleGetPropW
CreateIMAPTransport
MimeOleObjectFromMoniker
EssMLHistoryDecodeEx
EssSecurityLabelDecodeEx
MimeOleSetPropW
EssMLHistoryEncodeEx
MimeOleOpenFileStream
HrDoAttachmentVerb
HrSaveAttachToFile
CreateRangeList
MimeOleGenerateMID
MimeOleGetRelatedSection

sqlunirl

_SendMessage@16
_ClearEventLog_@8
_RegReplaceKey_@16
_FindExecutable_@12
_RegUnLoadKey_@8
_ShellExecute_@24
_PeekMessage@20
_lstrcpyn_@12
_ReadConsoleInput_@16
_OpenWaitableTimer_@12
_RegEnumValue_@32
_GetWindowTextLength@4

crypt32

PFXVerifyPassword
CertSerializeCRLStoreElement
CertEnumCTLContextProperties
CertAddCTLContextToStore
CertNameToStrA
CryptEncryptMessage
CryptGetKeyIdentifierProperty
RegEnumValueU
CryptVerifyMessageSignature
CryptSetOIDFunctionValue
CryptRegisterOIDFunction
CryptSIPCreateIndirectData
CryptSIPPutSignedDataMsg
CertAddEnhancedKeyUsageIdentifier
CertAddEncodedCRLToStore

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qRTHoW
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vVVua
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MCS
Size: 512B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SdGAP
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xa
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Avk
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OOSv
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KPO
Size: 1KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

125115444f0d0181ff7cf65b4d28d544

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

inetcomm

sqlunirl

crypt32

Sections

.text Size: 11KB - Virtual size: 11KB

.qRTHoW Size: 2KB - Virtual size: 4KB

.vVVua Size: 2KB - Virtual size: 4KB

.MCS Size: 512B - Virtual size: 26KB

.SdGAP Size: 4KB - Virtual size: 16KB

.xa Size: 1KB - Virtual size: 17KB

.Avk Size: 1KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 11KB

.OOSv Size: 1KB - Virtual size: 33KB

.KPO Size: 1KB - Virtual size: 240KB

.rsrc Size: 169KB - Virtual size: 169KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.qRTHoW
Size: 2KB - Virtual size: 4KB

.vVVua
Size: 2KB - Virtual size: 4KB

.MCS
Size: 512B - Virtual size: 26KB

.SdGAP
Size: 4KB - Virtual size: 16KB

.xa
Size: 1KB - Virtual size: 17KB

.Avk
Size: 1KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 11KB

.OOSv
Size: 1KB - Virtual size: 33KB

.KPO
Size: 1KB - Virtual size: 240KB

.rsrc
Size: 169KB - Virtual size: 169KB

.reloc
Size: 1KB - Virtual size: 1KB