JaffaCakes118_2993456efff01af48d20da0076f013c3

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2993456efff01af48d20da0076f013c3
Size

182KB
MD5

2993456efff01af48d20da0076f013c3
SHA1

68cf90a7eb6e6778e7e974e5cea7672fda030728
SHA256

7cb61c25d3612d8d999349c01407aa7404c76e5d98c43716d56b56c9a00e53aa
SHA512

3727eeb86bbda029349b53c115a93b2a2f3f07d5c398fa9358acadef125def428450f2897335b2c9069fb09db67cce1f676b3a4d83d79198ef15a9f95953727e
SSDEEP

3072:biIHuobNqC1st43rOeKcNOFiTJTcZ+zQWgYwo02pVR+90dCw3EbxnzOsWb82psuh:biIlbNqC1gwjKxiTJTjz/qWVRJCw0psX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2993456efff01af48d20da0076f013c3

Files

JaffaCakes118_2993456efff01af48d20da0076f013c3
.exe windows:4 windows x86 arch:x86

0dc4c396f43622eb8df69ce718bda66b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA

shell32

SHGetSpecialFolderPathA

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

timeGetTime
timeBeginPeriod
timeGetDevCaps
timeEndPeriod

kernel32

FreeLibrary
HeapFree
WaitForSingleObject
DisableThreadLibraryCalls
WideCharToMultiByte
EnterCriticalSection
LockResource
SetThreadPriority
GetSystemTime
LeaveCriticalSection
GetTapeParameters
GetCurrentThreadId
GetModuleFileNameA
ClearCommError
GetLastError
GetExitCodeThread
QueryPerformanceCounter
FindResourceA
InterlockedIncrement
VirtualAlloc
lstrlenA
CloseHandle
IsBadReadPtr
Sleep
GetProcAddress
EnumResourceNamesA
DeleteCriticalSection
CreateThread
CreateFileW
GetCurrentProcessId
TerminateThread
CreateEventA
ResetEvent
LoadResource
GetThreadPriority
GetTickCount
InitializeCriticalSection
VirtualFree
ResumeThread
GlobalAlloc
GetProcessHeap
ReleaseSemaphore
GetModuleFileNameW
LoadLibraryA
CreateMutexA
GetSystemInfo
FatalExit
SetEvent
LoadLibraryW
GetCurrentThread
InterlockedDecrement
LocalFree
WaitForMultipleObjects
GetVersionExA
MultiByteToWideChar
CreateSemaphoreA
ReleaseMutex
GetACP
GetSystemTimeAsFileTime
IsBadWritePtr
ExitProcess

ole32

CreateItemMoniker
StringFromGUID2
CLSIDFromString
CoInitializeEx
CoCreateInstance
CoUninitialize
GetRunningObjectTable
CoRegisterClassObject
CreateStreamOnHGlobal
CoTaskMemFree
CoRevokeClassObject
CoFreeUnusedLibraries
StringFromCLSID
CoInitialize
CoTaskMemAlloc

user32

RegisterWindowMessageA
CopyRect
PeekMessageA
GetMessageA
DispatchMessageA
CreateWindowExA
PostThreadMessageA
wsprintfA
RegisterClassA
MsgWaitForMultipleObjects
MonitorFromWindow
GetQueueStatus
wvsprintfA
LoadStringA
DestroyWindow

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dc4c396f43622eb8df69ce718bda66b

Headers

File Characteristics

Imports

advapi32

shell32

oleacc

winmm

kernel32

ole32

user32

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 53KB - Virtual size: 53KB

.lib Size: 512B - Virtual size: 236KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 53KB - Virtual size: 53KB

.lib
Size: 512B - Virtual size: 236KB