JaffaCakes118_1d7087e5cf7af1e4c8bc919ced212ff4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_1d7087e5cf7af1e4c8bc919ced212ff4
Size

249KB
MD5

1d7087e5cf7af1e4c8bc919ced212ff4
SHA1

e650f99314de729b4653a619537af11fdeb51f99
SHA256

29d79043287c4f9e17c13426adcb8b5ee48fe6f5e4ec96524444f80a2bc8b5fd
SHA512

f028c3e40bc6a5b89f65d3d126f39283309ee266f663223cb128fb3a4b5311afb95c18500b570a85cb93b4761387959d508794f4135d3591e4f05805f61985ed
SSDEEP

6144:tR0vWKpmDpt5RDGB3C2kyW7UqVEc1snbkn:oMR63CQcjlsnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1d7087e5cf7af1e4c8bc919ced212ff4

Files

JaffaCakes118_1d7087e5cf7af1e4c8bc919ced212ff4
.exe windows:4 windows x86 arch:x86

a80cca9d4225425fd42dc7c5a0bd638c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
WaitForSingleObject
EnumDateFormatsW
OpenMutexW
GetLogicalDrives
GetDateFormatW
OpenEventW
GetLongPathNameW
SearchPathW
LoadLibraryExA
SleepEx
SetLocaleInfoA
IsBadCodePtr
MultiByteToWideChar
SetCurrentDirectoryA
GlobalDeleteAtom
GetFileAttributesA
GetVolumeInformationA
FindResourceW
FileTimeToDosDateTime
GetSystemDirectoryW
GetTickCount
CreateSemaphoreA
DuplicateHandle
OpenEventA
GetExitCodeProcess
FileTimeToLocalFileTime
DeleteAtom
GetSystemTime
GetProcessHeap
ExpandEnvironmentStringsW
GetEnvironmentStringsW
CreateEventA
LoadLibraryA
GetExpandedNameW
IsDebuggerPresent
GetTempFileNameW
GetLastError
SetLocaleInfoW
CreatePipe
Beep
CreateMutexA
GetOEMCP
lstrcmpW
GetEnvironmentVariableA
GlobalGetAtomNameA
GetProcAddress
GlobalAlloc
SetCalendarInfoW
lstrcmp
GetLogicalDriveStringsA
WaitForMultipleObjects
GetUserDefaultLCID
DisconnectNamedPipe
FindAtomW
GetDiskFreeSpaceA
GetCurrentProcessId

user32

AdjustWindowRect
GetDesktopWindow
IsMenu
CreateWindowExA
SetWindowPos
MessageBoxA
IsChild
OffsetRect
wsprintfW
LoadIconA
SetActiveWindow
GetScrollPos
CreateMenu
EnumWindows
RegisterClassExA
IsMenu
CharNextW
GetSubMenu
SetWindowTextW
InvalidateRect
IsDlgButtonChecked
SetWindowLongW
SetCursor
wsprintfA
PostMessageA
GetClassInfoA
MessageBoxW
RegisterClassW
TrackPopupMenuEx
GetKeyState
GetCaretPos
GetFocus
GetMessageW
InvalidateRgn
keybd_event
GetTopWindow
RegisterWindowMessageW
EndDialog
CharLowerW
MoveWindow
GetKeyboardLayout
GetMenuItemRect
wvsprintfW
GetWindowRgn
LoadCursorA
CreateAcceleratorTableA
PostQuitMessage
DialogBoxParamW
EnableMenuItem
SetParent
GetSystemMetrics
GetDlgItemTextW
SetCursorPos
CreateDesktopA
SetDlgItemTextW
AppendMenuA
UnregisterClassA

gdi32

CreateFontA
SetWinMetaFileBits
CreateFontIndirectExW
TranslateCharsetInfo
GetEnhMetaFilePixelFormat
GetMetaFileA
CreateDIBSection
CreatePatternBrush

advapi32

SystemFunction015
CryptEnumProvidersW
InitializeSecurityDescriptor
DecryptFileW
RegCreateKeyExA
GetNamedSecurityInfoExA
CreateTraceInstanceId
MD5Init
CryptSetProviderExW
A_SHAInit
OpenThreadToken

shell32

ShellExecuteEx
StrStrW
StrChrA
SHBrowseForFolder
ExtractAssociatedIconA
ExtractAssociatedIconExW

shlwapi

PathIsUNCServerA
StrToIntW
PathIsFileSpecW
PathFindFileNameA
SHDeleteEmptyKeyA
PathSetDlgItemPathW
SHRegCreateUSKeyA
StrRetToStrW
wvnsprintfW
UrlCompareA
PathFindSuffixArrayW
PathIsRootW
StrCmpW
PathIsUNCA
PathIsLFNFileSpecA
UrlCanonicalizeW

oleaut32

VarBstrFromDate
VarUI8FromI1
VarR4FromBool
DispGetIDsOfNames
VarBstrFromUI4
SafeArrayAllocData
VarInt
VarDateFromUI4
VarDecMul

opengl32

glReadPixels
glTexCoord1s
glTexCoord4s
glVertex4iv
glColor3uiv
glDepthRange
glColor3s
glTexEnvf

setupapi

CM_Free_Res_Des
SetupDiOpenDeviceInfoA
SetupDiCreateDeviceInfoW
CM_Get_DevNode_Registry_Property_ExW
MyFree

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeW
VerLanguageNameW

wininet

SetUrlCacheEntryGroupA
InternetQueryFortezzaStatus
CreateUrlCacheContainerW

winmm

NotifyCallbackData
waveInClose
waveOutPrepareHeader
WOW32DriverCallback
mod32Message
CloseDriver
mixerGetControlDetailsA
mmioStringToFOURCCA
mciLoadCommandResource
mixerGetDevCapsA
mciDriverNotify
mixerGetLineInfoW
waveOutWrite
midiOutUnprepareHeader
midiOutOpen
joyConfigChanged
mmTaskBlock
timeSetEvent
mmioClose
waveInGetPosition
midiInClose

wsock32

ioctlsocket
gethostbyname
getprotobynumber
socket
sethostname

Sections

.eqR
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VR
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.I
Size: 1024B - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nMNx
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MBLoA
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pJL
Size: 11KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BgQ
Size: 5KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a80cca9d4225425fd42dc7c5a0bd638c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

oleaut32

opengl32

setupapi

version

wininet

winmm

wsock32

Sections

.eqR Size: 7KB - Virtual size: 7KB

.VR Size: 92KB - Virtual size: 92KB

.d Size: 12KB - Virtual size: 12KB

.I Size: 1024B - Virtual size: 379KB

.nMNx Size: 6KB - Virtual size: 28KB

.MBLoA Size: 92KB - Virtual size: 91KB

.pJL Size: 11KB - Virtual size: 189KB

.BgQ Size: 5KB - Virtual size: 119KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.eqR
Size: 7KB - Virtual size: 7KB

.VR
Size: 92KB - Virtual size: 92KB

.d
Size: 12KB - Virtual size: 12KB

.I
Size: 1024B - Virtual size: 379KB

.nMNx
Size: 6KB - Virtual size: 28KB

.MBLoA
Size: 92KB - Virtual size: 91KB

.pJL
Size: 11KB - Virtual size: 189KB

.BgQ
Size: 5KB - Virtual size: 119KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B