Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_247cb810f2eb791c0495d0c96740adc6.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_247cb810f2eb791c0495d0c96740adc6.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_247cb810f2eb791c0495d0c96740adc6
Size: 195KB
MD5: 247cb810f2eb791c0495d0c96740adc6
SHA1: 116b751fe28cc3d5e0a6ef1b9b3c27bbea9d33a7
SHA256: 6e4c36f30e51b428ba92f922f714d85ecddbd3ccffe4554c1aec0cf8f129ddc1
SHA512: d3f0a3b3a8afb76501566a485933611d3571340b56e1d6e36d59431df2cd0bd7cc269697a52ff8646d6f061049eb8e9f427b457482dfb01e2da10bdae02966d2
SSDEEP: 6144:cdkmlBna0YJj345NBwg2kZkXG+rSxSOXTn7:eq1xP4z+r+BTn7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_247cb810f2eb791c0495d0c96740adc6
Files
JaffaCakes118_247cb810f2eb791c0495d0c96740adc6.exe windows:4 windows x86 arch:x86
6f2a6826f57ef1fb24c3c6dcded692a4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
imagehlp
ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData
kernel32
EnumResourceTypesW
InterlockedDecrement
EnumResourceLanguagesW
DeleteCriticalSection
RemoveDirectoryW
GetLastError
Sleep
GetFileAttributesA
SetEndOfFile
UnmapViewOfFile
GetTempPathW
RaiseException
GetVersionExW
FreeLibrary
HeapFree
GlobalUnlock
_lread
TerminateProcess
GetCurrentThreadId
CreateFiberEx
OutputDebugStringA
GetVersion
FindFirstFileW
WriteFile
InterlockedExchange
MoveFileW
FreeResource
EnterCriticalSection
SetFilePointer
IsDebuggerPresent
GetCurrentDirectoryW
CreateFileA
EnumResourceNamesW
GetProcessHeap
RemoveDirectoryA
ExitProcess
GetLocaleInfoA
_lclose
QueryPerformanceCounter
CreateFileMappingA
GetTickCount
FindClose
DeleteFileW
CloseHandle
EscapeCommFunction
GetACP
SetLastError
EnumResourceNamesA
HeapDestroy
_llseek
GetEnvironmentVariableA
CopyFileA
GetStringTypeExW
LoadLibraryExW
MultiByteToWideChar
GetSystemDirectoryA
SizeofResource
FindResourceW
WideCharToMultiByte
FindNextFileW
GetCurrentProcessId
FormatMessageW
GetOEMCP
GetModuleHandleW
ReadFile
GetThreadLocale
BeginUpdateResourceW
GlobalFree
LockResource
GetFileInformationByHandle
UnhandledExceptionFilter
GetCurrentProcess
GlobalLock
LoadLibraryExA
InterlockedCompareExchange
FatalExit
GlobalAlloc
GetProcAddress
lstrlenW
CopyFileW
FindNextFileA
LocalFree
CreateFileW
AreFileApisANSI
LoadResource
lstrlenA
CreateDirectoryW
SetFileAttributesA
lstrcmpiA
SetFileAttributesW
DeleteFileA
FindFirstFileA
GetVersionExA
GetFullPathNameA
HeapSize
GetFullPathNameW
EndUpdateResourceW
FindResourceExW
GetCommandLineW
GetTempFileNameW
CreateDirectoryA
UpdateResourceW
GetFileAttributesW
MapViewOfFile
_lwrite
InitializeCriticalSection
InterlockedIncrement
GetFileSize
HeapReAlloc
GetSystemTimeAsFileTime
HeapAlloc
DebugBreak
LoadLibraryA
LeaveCriticalSection
SetUnhandledExceptionFilter
lstrcpyA
psapi
GetProcessMemoryInfo
msvfw32
ICInfo
user32
MonitorFromWindow
CharNextA
wsprintfW
CharNextW
shell32
CommandLineToArgvW
advapi32
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptAcquireContextA
CryptGetHashParam
CryptDestroyHash
Sections
.text Size: 166KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ