JaffaCakes118_668c1ff3722c38ed44be150edc679a30

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_668c1ff3722c38ed44be150edc679a30
Size

183KB
MD5

668c1ff3722c38ed44be150edc679a30
SHA1

3cc40e80144b2972a10043d1cb799cc1dfad30be
SHA256

75609dded5b09da047053ec8f8481c0de75f0656ab24bed8d32820fe6a90863a
SHA512

e60696f389847b94b9b060814b82b3fec9b0db0bf472306e461a66ad691f036f68dd0254213aa52dfba51a0d29e3ec1330a1ec2203da6763f377df0c0d43a121
SSDEEP

3072:7qjd/dUiDkMtUfGoLQG2C0hONqvgEpRIHS3ZkEXWErUxG+Tgv49AiB5EWoybQcBm:ejdVUraUeoU/lhOeRnNXWbxG+TgvhU5U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_668c1ff3722c38ed44be150edc679a30

Files

JaffaCakes118_668c1ff3722c38ed44be150edc679a30
.exe windows:4 windows x86 arch:x86

2bb00501280feb02da68401a779be7c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathA

user32

GetQueueStatus
CopyRect
PostThreadMessageA
PeekMessageA
RegisterWindowMessageA
LoadStringA
CreateWindowExA
DispatchMessageA
RegisterClassA
GetMessageA
wsprintfA
wvsprintfA
MsgWaitForMultipleObjects
MonitorFromWindow
DestroyWindow

ole32

CoUninitialize
CreateItemMoniker
CoTaskMemFree
CLSIDFromString
StringFromCLSID
CoInitializeEx
CoRegisterClassObject
CreateStreamOnHGlobal
StringFromGUID2
CoFreeUnusedLibraries
CoRevokeClassObject
CoCreateInstance
CoInitialize
GetRunningObjectTable
CoTaskMemAlloc

winmm

timeGetTime
timeGetDevCaps
timeBeginPeriod
timeEndPeriod

advapi32

RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCreateKeyExA
RegEnumKeyExA

kernel32

CloseHandle
IsBadReadPtr
FindResourceA
GlobalAlloc
LeaveCriticalSection
GetModuleFileNameA
GetLastError
GetModuleFileNameW
LockResource
GetCurrentThread
GetTapeParameters
MultiByteToWideChar
InitializeCriticalSection
GetTickCount
GetCurrentThreadId
ResumeThread
LoadResource
IsBadWritePtr
lstrlenA
CreateThread
VirtualFree
WaitForMultipleObjects
ClearCommError
InterlockedIncrement
GetSystemTimeAsFileTime
InterlockedDecrement
GetThreadPriority
ReleaseSemaphore
GetSystemInfo
WideCharToMultiByte
EnterCriticalSection
LoadLibraryA
EnumResourceNamesA
GetACP
ReleaseMutex
Sleep
HeapFree
VirtualAlloc
CreateMutexA
FatalExit
ResetEvent
GetSystemTime
GetVersionExA
GetExitCodeThread
SetThreadPriority
CreateFileW
CreateEventA
FreeLibrary
GetCurrentProcessId
WaitForSingleObject
GetProcAddress
GetProcessHeap
LoadLibraryW
DeleteCriticalSection
QueryPerformanceCounter
DisableThreadLibraryCalls
TerminateThread
LocalFree
CreateSemaphoreA
SetEvent
ExitProcess

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bb00501280feb02da68401a779be7c7

Headers

File Characteristics

Imports

shell32

user32

ole32

winmm

advapi32

kernel32

oleacc

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 49KB - Virtual size: 49KB

.lib Size: 512B - Virtual size: 232KB

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 49KB - Virtual size: 49KB

.lib
Size: 512B - Virtual size: 232KB