JaffaCakes118_7a293a3424fafdf4dff980409c703865

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7a293a3424fafdf4dff980409c703865
Size

484KB
MD5

7a293a3424fafdf4dff980409c703865
SHA1

80912b5bc9e0a3ef0c5f5722f6156cd94e84002e
SHA256

de8c127be32107c0d77ed2011a4ec8ad2513246ddd51a26f54374eed1b83bf35
SHA512

00907d6ac74be8c598ea213e2448156809a1c37c9486a5d7c2774d9e1ca5abc8d80a992438403e5e243da9add35c442503387dcdbd29374099b61e71521bca69
SSDEEP

12288:K7/yuwDwie0KSc47ekijPiv9JNXjEV8NXCCK/ot6K39xW:KGuwsie071z1XjEUCCEo069xW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7a293a3424fafdf4dff980409c703865

Files

JaffaCakes118_7a293a3424fafdf4dff980409c703865
.exe windows:5 windows x86 arch:x86

97d64197f33555c658bac12ac1b2d2a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FillConsoleOutputAttribute
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTitleA
CreateFileW
GetProcessHeap
SetEndOfFile
CreateFileA
FlushFileBuffers
SetStdHandle
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
SetConsoleCursorPosition
LCMapStringW
GetStringTypeW
ReadFile
MultiByteToWideChar
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
WriteFile
CreateToolhelp32Snapshot
GetPriorityClass
Process32First
GetProcessWorkingSetSize
Module32First
CloseHandle
GetCurrentProcess
GetLocalTime
SetLocalTime
HeapCreate
Sleep
HeapAlloc
ExitProcess
GetLastError
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
GetProcAddress
GetModuleHandleW
SetLastError
HeapValidate
IsBadReadPtr
RtlUnwind
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException

user32

OpenClipboard
wsprintfA
FindWindowExA
GetSystemMenu
DeleteMenu
LoadCursorA
RegisterClassA
SendMessageA
DefWindowProcA
GetDC
ReleaseDC
GetWindowRect
SetWindowTextA
GetClientRect
IsWindow
EndPaint
BeginPaint
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
EndDialog
CreateAcceleratorTableA
ShowWindow
DestroyAcceleratorTable
MapWindowPoints
SetActiveWindow
SendInput
GetSysColor
DrawTextA
EnumWindows

gdi32

SetBrushOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
PatBlt
DeleteDC
DeleteObject
SetBkColor
TextOutA
GetDIBits

advapi32

OpenProcessToken
LookupPrivilegeValueA

comctl32

ord6

gdiplus

GdiplusStartup

traffic

TcEnumerateInterfaces

Sections

.text
Size: 395KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bar
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tik
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97d64197f33555c658bac12ac1b2d2a1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

gdiplus

traffic

Sections

.text Size: 395KB - Virtual size: 394KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 11KB

.bar Size: 8KB - Virtual size: 7KB

.tik Size: 1024B - Virtual size: 894B

.rsrc Size: 38KB - Virtual size: 38KB

.text
Size: 395KB - Virtual size: 394KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 11KB

.bar
Size: 8KB - Virtual size: 7KB

.tik
Size: 1024B - Virtual size: 894B

.rsrc
Size: 38KB - Virtual size: 38KB