JaffaCakes118_7bab48754618b293add1bddf8e3efbeb

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7bab48754618b293add1bddf8e3efbeb
Size

171KB
MD5

7bab48754618b293add1bddf8e3efbeb
SHA1

51f114718eec7096b486b4881120e497fea92d6e
SHA256

14af37c5a45c3edcb5b07b459c1ee6d2f04e794992a5983b9a4567e2dddbf939
SHA512

b41ed52aca3f897078352570bf9449266425970395ce3537c5216365900a6d55421ed86510ebfbf2d4dd4a1a6f388e1db68c9ae8a284d601c4803c58a7af9a48
SSDEEP

3072:xMjhTAxjxNNOZj3j0yxFI6zrwfXFZQoksH5SHT1JDQPyj5M44aD0:qlTAxjxA3w+FIqUvF66UDVj5MJm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7bab48754618b293add1bddf8e3efbeb

Files

JaffaCakes118_7bab48754618b293add1bddf8e3efbeb
.exe windows:4 windows x86 arch:x86

c45982623f574e1c57076aa596c650fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetCurrentProcess
IsBadCodePtr
LCMapStringA
GetCurrentProcessId
UnhandledExceptionFilter
GetFileType
FreeEnvironmentStringsW
VirtualProtect
VirtualQuery
SetUnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetSystemTimeAsFileTime
GetProcessAffinityMask
GetOEMCP
LCMapStringW
IsBadReadPtr
GetCPInfo
GetCommandLineA
VirtualAlloc
GetEnvironmentStrings
HeapAlloc
GetTickCount
HeapSize
VirtualFree
EnumResourceTypesW
GetStartupInfoA
SetStdHandle
SetFilePointer
GetSystemInfo
GetFileAttributesA
HeapReAlloc
HeapFree
IsBadWritePtr
HeapCreate
GetStringTypeA
GetModuleFileNameA
FlushFileBuffers
QueryPerformanceCounter
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
HeapDestroy
GetStringTypeW
WriteFile
ExitProcess

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

SHGetSpecialFolderPathW

gdi32

RestoreDC
ScaleWindowExtEx
SaveDC
SelectObject
DeleteDC
SetViewportExtEx
Escape
OffsetViewportOrgEx
SetMapMode
TextOutW
SetBkColor
GetClipBox
GetDeviceCaps
CreateBitmap
ExtTextOutW
DeleteObject
SetWindowExtEx
PtVisible
ScaleViewportExtEx
SetTextColor
SetViewportOrgEx
RectVisible
GetStockObject

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathAppendW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW

user32

GetParent
CheckMenuItem
MessageBoxW
ModifyMenuW
GetLastActivePopup
EnableWindow
IsWindowEnabled
GetDC
LoadBitmapW
ReleaseDC
GetWindowLongW
GetSysColor
EnableMenuItem
GetMenuCheckMarkDimensions
GetSystemMetrics
LoadCursorW
GetWindowTextW
GetSysColorBrush

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c45982623f574e1c57076aa596c650fb

Headers

File Characteristics

Imports

kernel32

winspool.drv

ole32

shell32

gdi32

advapi32

shlwapi

user32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 67KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 256KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 67KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 256KB