JaffaCakes118_32bbeaab3c956d36f9a41869ea5f804b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_32bbeaab3c956d36f9a41869ea5f804b
Size

246KB
MD5

32bbeaab3c956d36f9a41869ea5f804b
SHA1

e0f8beb35a06d6471dca3f7a003534250b1deef8
SHA256

2e9854b7d8ccae927fb1d88d75bf006d974d83d0b903e10950d28a13c8722e89
SHA512

ad966c1e1a97fe22f9d74b85141033fb8d682d498a35d4b0a2c5cbda4701542aebbbd449d957eaee8872010fa1825fe2a1e38f5651f8f8830ead3100ad370975
SSDEEP

6144:+1AxzMSuyzjVp2G30JQcdcR9dftk7SwLa5:7xASuoVp2i0J1dCHYjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_32bbeaab3c956d36f9a41869ea5f804b

Files

JaffaCakes118_32bbeaab3c956d36f9a41869ea5f804b
.exe windows:4 windows x86 arch:x86

8404e15353202f08118d73ecb4eb0e70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
WaitForMultipleObjects
GetModuleHandleW
GetVersionExW
MoveFileW
GetWindowsDirectoryW
lstrlenW
lstrcpynW
GetStartupInfoW
GetCurrentProcess
GetTimeFormatW
QueryPerformanceFrequency
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
SetErrorMode
IsBadReadPtr
RemoveDirectoryW
GetTempPathW
InitializeCriticalSection
CreateMutexW
GetCurrentProcessId
GetLocalTime
OpenEventW
LocalFree
Sleep
GetModuleFileNameW
LoadLibraryW
FreeLibrary
CreateDirectoryW
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoA
LoadLibraryA
GetFileAttributesW
GetVolumeInformationW
CreateEventW
GetLastError
SetEvent
GetDateFormatW
WaitForSingleObject
CreateMutexA
GetProcAddress
GetModuleHandleA

user32

GetForegroundWindow
wsprintfW
CharUpperW
EnableWindow
LoadBitmapA
GetTopWindow
SetDlgItemTextA
GetIconInfo
SetTimer
EndMenu
CharNextA
WinHelpW
GetClassInfoW
MessageBoxIndirectW
PostMessageA
MonitorFromPoint
GetDlgItemInt
UnregisterClassW
PostMessageW
CreateDialogParamW
SetFocus
LoadCursorA
IsMenu
InsertMenuItemA
RegisterClassExA
LoadMenuIndirectA
SetWindowTextA
GetDCEx
CharPrevW
RegisterClassW
SetWindowRgn
CreateMenu
RegisterClassExW
MessageBoxW

advapi32

RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
GetSecurityDescriptorDacl
AdjustTokenPrivileges
BuildExplicitAccessWithNameW
FreeSid
SetEntriesInAclW
SetSecurityInfo
AllocateAndInitializeSid
GetSecurityInfo
LookupPrivilegeValueW
CreateProcessAsUserW
EqualSid
GetTokenInformation
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
OpenProcessToken
GetSidIdentifierAuthority
LookupAccountSidW
ReportEventW
RegisterServiceCtrlHandlerW
SetServiceStatus
DeregisterEventSource
StartServiceCtrlDispatcherW
RegisterEventSourceW
QueryServiceStatus
StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shell32

ShellExecuteW

winipsec

GetQMPolicy
DeleteMMPolicy

gdi32

AddFontResourceA
RemoveFontResourceExA
CreatePen
CreateColorSpaceW
GetTextExtentPointW
CreateBitmapIndirect
CreatePolygonRgn
CreateSolidBrush
UpdateICMRegKeyA

avifil32

DllGetClassObject
AVIFileExit
AVIClearClipboard
DllCanUnloadNow
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
EditStreamPaste
AVISaveVW
AVIFileWriteData

Sections

CODE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TX
Size: 100KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jbk
Size: 109KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8404e15353202f08118d73ecb4eb0e70

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

shell32

winipsec

gdi32

avifil32

Sections

CODE Size: 5KB - Virtual size: 5KB

.icode Size: 12KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 12KB

.TX Size: 100KB - Virtual size: 183KB

.data Size: 5KB - Virtual size: 372KB

.jbk Size: 109KB - Virtual size: 203KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

CODE
Size: 5KB - Virtual size: 5KB

.icode
Size: 12KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 12KB

.TX
Size: 100KB - Virtual size: 183KB

.data
Size: 5KB - Virtual size: 372KB

.jbk
Size: 109KB - Virtual size: 203KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB