JaffaCakes118_2e65dd3ac6e1dd58f22b6e67733a03ef

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2e65dd3ac6e1dd58f22b6e67733a03ef
Size

246KB
MD5

2e65dd3ac6e1dd58f22b6e67733a03ef
SHA1

090f63df95a5de240280ca9e0b2859156a18f100
SHA256

20f6d0bc52af57e4bbc90608dab2e3db932a23528deadb04aba0a0ea732d8d86
SHA512

7aef16d85ba33c139536ca348085cd6dc5a1db3f57788174c0ce0e1eec81df567057c1597eaaaa3b64118d688c27c69c5252d8a6ecaef9fd16454603e454e771
SSDEEP

6144:b1AxzMSuyzjVp2G30JQcdcR9dftk7SwLa5:+xASuoVp2i0J1dCHYjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2e65dd3ac6e1dd58f22b6e67733a03ef

Files

JaffaCakes118_2e65dd3ac6e1dd58f22b6e67733a03ef
.exe windows:4 windows x86 arch:x86

8404e15353202f08118d73ecb4eb0e70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
WaitForMultipleObjects
GetModuleHandleW
GetVersionExW
MoveFileW
GetWindowsDirectoryW
lstrlenW
lstrcpynW
GetStartupInfoW
GetCurrentProcess
GetTimeFormatW
QueryPerformanceFrequency
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
SetErrorMode
IsBadReadPtr
RemoveDirectoryW
GetTempPathW
InitializeCriticalSection
CreateMutexW
GetCurrentProcessId
GetLocalTime
OpenEventW
LocalFree
Sleep
GetModuleFileNameW
LoadLibraryW
FreeLibrary
CreateDirectoryW
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoA
LoadLibraryA
GetFileAttributesW
GetVolumeInformationW
CreateEventW
GetLastError
SetEvent
GetDateFormatW
WaitForSingleObject
CreateMutexA
GetProcAddress
GetModuleHandleA

user32

GetForegroundWindow
wsprintfW
CharUpperW
EnableWindow
LoadBitmapA
GetTopWindow
SetDlgItemTextA
GetIconInfo
SetTimer
EndMenu
CharNextA
WinHelpW
GetClassInfoW
MessageBoxIndirectW
PostMessageA
MonitorFromPoint
GetDlgItemInt
UnregisterClassW
PostMessageW
CreateDialogParamW
SetFocus
LoadCursorA
IsMenu
InsertMenuItemA
RegisterClassExA
LoadMenuIndirectA
SetWindowTextA
GetDCEx
CharPrevW
RegisterClassW
SetWindowRgn
CreateMenu
RegisterClassExW
MessageBoxW

advapi32

RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
GetSecurityDescriptorDacl
AdjustTokenPrivileges
BuildExplicitAccessWithNameW
FreeSid
SetEntriesInAclW
SetSecurityInfo
AllocateAndInitializeSid
GetSecurityInfo
LookupPrivilegeValueW
CreateProcessAsUserW
EqualSid
GetTokenInformation
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
OpenProcessToken
GetSidIdentifierAuthority
LookupAccountSidW
ReportEventW
RegisterServiceCtrlHandlerW
SetServiceStatus
DeregisterEventSource
StartServiceCtrlDispatcherW
RegisterEventSourceW
QueryServiceStatus
StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shell32

ShellExecuteW

winipsec

GetQMPolicy
DeleteMMPolicy

gdi32

AddFontResourceA
RemoveFontResourceExA
CreatePen
CreateColorSpaceW
GetTextExtentPointW
CreateBitmapIndirect
CreatePolygonRgn
CreateSolidBrush
UpdateICMRegKeyA

avifil32

DllGetClassObject
AVIFileExit
AVIClearClipboard
DllCanUnloadNow
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
EditStreamPaste
AVISaveVW
AVIFileWriteData

Sections

CODE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TX
Size: 100KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jbk
Size: 109KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8404e15353202f08118d73ecb4eb0e70

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

shell32

winipsec

gdi32

avifil32

Sections

CODE Size: 5KB - Virtual size: 5KB

.icode Size: 12KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 12KB

.TX Size: 100KB - Virtual size: 183KB

.data Size: 5KB - Virtual size: 372KB

.jbk Size: 109KB - Virtual size: 203KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

CODE
Size: 5KB - Virtual size: 5KB

.icode
Size: 12KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 12KB

.TX
Size: 100KB - Virtual size: 183KB

.data
Size: 5KB - Virtual size: 372KB

.jbk
Size: 109KB - Virtual size: 203KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB