JaffaCakes118_7a273f678e7013e8dbe94cbbc8fb4642

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7a273f678e7013e8dbe94cbbc8fb4642
Size

270KB
MD5

7a273f678e7013e8dbe94cbbc8fb4642
SHA1

4f88926819c3f2e8b2655b33b9b72bd2bb4d4b91
SHA256

3048cf606ed9caa66911f8d475f88e0f38dd54a7a8079d60027d9ba2f7ce6487
SHA512

c045ccb396fe1b6f49309cf4907c0960fffff79c7a8c82bc76bd34c986daeeddb6332b9a41a439fe7e4c4190b748b864ca933b62da9093672c355f6921920e81
SSDEEP

6144:0xgW3S0nqUQFqyU+hp1CTJRxoB53JYRf/0ml:NWC0nqUNc1CRor3JEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7a273f678e7013e8dbe94cbbc8fb4642

Files

JaffaCakes118_7a273f678e7013e8dbe94cbbc8fb4642
.exe windows:4 windows x86 arch:x86

83f7b8c36e9856e9022710657c86e389

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
CreateEventW
SignalObjectAndWait
FormatMessageW
CopyFileW
IsDebuggerPresent
WideCharToMultiByte
RaiseException
GetThreadLocale
GetProcessHeap
CloseHandle
lstrlenW
CreateThread
HeapAlloc
GetACP
HeapReAlloc
WaitForSingleObject
EnterCriticalSection
UnhandledExceptionFilter
SizeofResource
LoadResource
CreateFileW
FindResourceExW
FindResourceW
DeleteCriticalSection
LockResource
LeaveCriticalSection
CreateDirectoryW
HeapFree
HeapDestroy
GetCurrentThreadId
SetThreadLocale
GetSystemTimeAsFileTime
lstrlenA
LocalFree
HeapSize
GetFullPathNameW
VirtualAlloc

user32

UnregisterClassA

shell32

SHGetFolderPathW

shlwapi

PathAppendW

oleaut32

SafeArrayCopy
GetErrorInfo
SafeArrayDestroy
SafeArrayGetVartype
LoadTypeLi
VariantInit
SafeArrayCreate
VarBstrCmp
VariantCopyInd
VariantChangeType
LoadRegTypeLi
VariantCopy
SafeArrayUnlock
SafeArrayGetUBound
VariantClear
SysFreeString
SysStringByteLen
SafeArrayLock
SysAllocStringLen
SysStringLen
SafeArrayRedim
SysAllocString
SysAllocStringByteLen
SafeArrayGetLBound

userenv

UnloadUserProfile

ole32

CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CoImpersonateClient
CLSIDFromString
OleRun
CoUninitialize
CoRevertToSelf

advapi32

InitializeSid
RegCloseKey
DeregisterEventSource
OpenThreadToken
RegEnumKeyExW
GetLengthSid
CopySid
RegOpenKeyExW
GetSidLengthRequired
RegEnumValueW
ConvertStringSidToSidW
EqualSid
RegQueryValueExW
OpenProcessToken
GetSidSubAuthority
RegisterEventSourceW
IsValidSid
GetTokenInformation
ReportEventW

atl

AtlModuleInit
AtlAxGetControl
AtlModuleUnregisterServer
AtlModuleExtractCreateWndData
AtlModuleRegisterWndClassInfoW
AtlModuleRegisterServer
AtlPixelToHiMetric

kbdca

KbdLayerDescriptor

Sections

.QzGAW
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ItMWXy
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NDhHb
Size: 1024B - Virtual size: 521B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rEIYpu
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rDEgjB
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MOTRc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QqIfMj
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XEDnIxa
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lznL
Size: 512B - Virtual size: 479B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Fjkkx
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83f7b8c36e9856e9022710657c86e389

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

oleaut32

userenv

ole32

advapi32

atl

kbdca

Sections

.QzGAW Size: 1024B - Virtual size: 33KB

.text Size: 19KB - Virtual size: 19KB

.ItMWXy Size: 2KB - Virtual size: 1KB

.NDhHb Size: 1024B - Virtual size: 521B

.rEIYpu Size: 2KB - Virtual size: 2KB

.rDEgjB Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 221KB

.rdata Size: 208KB - Virtual size: 207KB

.MOTRc Size: 2KB - Virtual size: 1KB

.QqIfMj Size: 2KB - Virtual size: 1KB

.XEDnIxa Size: 1024B - Virtual size: 926B

.rsrc Size: 17KB - Virtual size: 17KB

.lznL Size: 512B - Virtual size: 479B

.Fjkkx Size: 2KB - Virtual size: 1KB

.QzGAW
Size: 1024B - Virtual size: 33KB

.text
Size: 19KB - Virtual size: 19KB

.ItMWXy
Size: 2KB - Virtual size: 1KB

.NDhHb
Size: 1024B - Virtual size: 521B

.rEIYpu
Size: 2KB - Virtual size: 2KB

.rDEgjB
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 221KB

.rdata
Size: 208KB - Virtual size: 207KB

.MOTRc
Size: 2KB - Virtual size: 1KB

.QqIfMj
Size: 2KB - Virtual size: 1KB

.XEDnIxa
Size: 1024B - Virtual size: 926B

.rsrc
Size: 17KB - Virtual size: 17KB

.lznL
Size: 512B - Virtual size: 479B

.Fjkkx
Size: 2KB - Virtual size: 1KB