JaffaCakes118_336432149ba4e7a75e52a982cbd8ab2d

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_336432149ba4e7a75e52a982cbd8ab2d
Size

256KB
MD5

336432149ba4e7a75e52a982cbd8ab2d
SHA1

bf18af7d2afff81bab7284687d4eb81daa2355d8
SHA256

28fdfda984c66f2ac081655ecb20c98285be926e72ab89a7d32fb468267191fa
SHA512

b79199c27a3e32338cb346bdc074a8c2b9b8827b995345f3a36004efc6e685b06f6114f39b5994e977c12a706018a0dbf9c136f0a4115f7f87a0cf43e2871818
SSDEEP

6144:hV4xNwRjJ+X1NkxIVcp1bT+xkhlxuhuMOoi5ldM:fUwRd0z/Op1T+xk4hut95fM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_336432149ba4e7a75e52a982cbd8ab2d

Files

JaffaCakes118_336432149ba4e7a75e52a982cbd8ab2d
.exe windows:4 windows x86 arch:x86

6d22df9ef40e5d4a94737bb775121989

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

ord75
ord135
ord17
ord140

kernel32

InitializeCriticalSection
CreateEventW
SetEvent
Sleep
GetVersion
GetVersionExW
GetCurrentProcessId
WaitForMultipleObjects
DuplicateHandle
CreateMutexW
CreateSemaphoreW
LocalFree
LocalAlloc
GetModuleHandleA
lstrcmpA
GetCurrentThread
GetTickCount
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
GetProcessHeap
ExitProcess
GetStringTypeW
GetStringTypeA
WaitForSingleObject
GetCurrentThreadId
FileTimeToSystemTime
lstrcpynA
lstrlenA
GetLastError
MultiByteToWideChar
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
LoadLibraryW
FreeLibrary
GetCurrentProcess
HeapCreate
GetCPInfo
OpenMutexW
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetStartupInfoA
IsValidCodePage
GetOEMCP
GetVersionExA
RaiseException
SetUnhandledExceptionFilter
GetModuleFileNameA
TlsAlloc
GetACP
GetProcAddress

user32

MessageBoxW
PeekMessageW
SendDlgItemMessageA
DialogBoxIndirectParamW
DestroyCursor
InsertMenuA
GetMenuItemID
GetDesktopWindow
GetMenu
SetTimer
GetTopWindow
OpenClipboard
EndMenu
CharPrevA
LoadMenuW
GetKeyState
SetFocus
SetDlgItemTextA
wvsprintfW
LoadMenuIndirectW
GetClassInfoExW
EnableWindow
DialogBoxParamW
CharNextA
GetScrollPos

advapi32

EqualSid
RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegEnumKeyW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteKeyA

shell32

SHGetDesktopFolder
ord680
ShellExecuteExW

ole32

CoCreateInstance

security

SealMessage
CompleteAuthToken

gdi32

StretchDIBits
CreateFontIndirectExW
GdiGetBatchLimit
RemoveFontResourceW
CreateMetaFileA
GetMetaFileW
RemoveFontResourceExW
RemoveFontResourceExA
CreatePalette
AddFontResourceA
TranslateCharsetInfo
CreateColorSpaceA

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Ceqr
Size: 512B - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GR
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZFO
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tLd
Size: 2KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J
Size: 111KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d22df9ef40e5d4a94737bb775121989

Headers

File Characteristics

Imports

mapi32

kernel32

user32

advapi32

shell32

ole32

security

gdi32

Sections

.text Size: 13KB - Virtual size: 16KB

.Ceqr Size: 512B - Virtual size: 469KB

.rdata Size: 3KB - Virtual size: 50KB

.GR Size: 1KB - Virtual size: 8KB

.ZFO Size: 108KB - Virtual size: 111KB

.tLd Size: 2KB - Virtual size: 363KB

.data Size: 5KB - Virtual size: 311KB

.J Size: 111KB - Virtual size: 195KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 16KB

.Ceqr
Size: 512B - Virtual size: 469KB

.rdata
Size: 3KB - Virtual size: 50KB

.GR
Size: 1KB - Virtual size: 8KB

.ZFO
Size: 108KB - Virtual size: 111KB

.tLd
Size: 2KB - Virtual size: 363KB

.data
Size: 5KB - Virtual size: 311KB

.J
Size: 111KB - Virtual size: 195KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB