JaffaCakes118_6d74c235347b5f83a7b13bf7b275d5e6

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6d74c235347b5f83a7b13bf7b275d5e6
Size

179KB
MD5

6d74c235347b5f83a7b13bf7b275d5e6
SHA1

fcc82804a1e07046d7bdb711d4d660127c345198
SHA256

6fd5c226c072a18de4ffe3b5a710ccdc5769424eaabbead00797c541810191c4
SHA512

ff6facb702463230f8c9bf0ca5dc63037eb3f0343a162290d5b6478918c9380a63407a37a68c1738779664418e77748838d21373f900918fb6be482d4a64e6c3
SSDEEP

3072:AGQ26L9uXV49MzbmHdi4QTHzklkzAYATwAl8OzJ37FBc+kxtQJv+qvDWEY2aySfj:ZNg9uXV49MOFqHz2gAzT78Oz97FBDkxc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6d74c235347b5f83a7b13bf7b275d5e6

Files

JaffaCakes118_6d74c235347b5f83a7b13bf7b275d5e6
.exe windows:4 windows x86 arch:x86

ffc14e9e8dbe9b60b45e81ba7c5d1463

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetTime
timeGetDevCaps
timeBeginPeriod
timeEndPeriod

kernel32

MultiByteToWideChar
GetTickCount
CloseHandle
LeaveCriticalSection
VirtualFree
GetTapeParameters
HeapFree
WaitForMultipleObjects
LoadLibraryA
GetModuleFileNameW
ReleaseMutex
GetSystemInfo
ClearCommError
DisableThreadLibraryCalls
LockResource
GetCurrentThreadId
GetCurrentThread
WaitForSingleObject
lstrlenA
InterlockedDecrement
IsBadReadPtr
ReleaseSemaphore
ResumeThread
WideCharToMultiByte
GetExitCodeThread
CreateMutexA
QueryPerformanceCounter
GetModuleFileNameA
LoadResource
DeleteCriticalSection
FindResourceA
CreateFileW
EnumResourceNamesA
GetSystemTimeAsFileTime
CreateEventA
ResetEvent
InterlockedIncrement
GetCurrentProcessId
GetSystemTime
IsBadWritePtr
FatalExit
GetLastError
LocalFree
GetACP
Sleep
FreeLibrary
GetVersionExA
GetProcAddress
InitializeCriticalSection
CreateSemaphoreA
GetProcessHeap
VirtualAlloc
SetThreadPriority
LoadLibraryW
CreateThread
SetEvent
EnterCriticalSection
GetThreadPriority
TerminateThread
GlobalAlloc
ExitProcess

quartz

AMGetErrorTextW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoRegisterClassObject
CLSIDFromString
CoCreateInstance
StringFromCLSID
GetRunningObjectTable
CoRevokeClassObject
StringFromGUID2
CreateItemMoniker
CoTaskMemFree
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoTaskMemAlloc

user32

CopyRect
LoadStringA
MonitorFromWindow
MsgWaitForMultipleObjects
RegisterWindowMessageA
PostThreadMessageA
GetQueueStatus
PeekMessageA
GetMessageA
wvsprintfA
DispatchMessageA
RegisterClassA
wsprintfA
CreateWindowExA
DestroyWindow

shell32

SHGetSpecialFolderPathA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegSetValueA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffc14e9e8dbe9b60b45e81ba7c5d1463

Headers

File Characteristics

Imports

winmm

kernel32

quartz

ole32

user32

shell32

advapi32

Sections

.text Size: 127KB - Virtual size: 127KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 47KB - Virtual size: 46KB

.lib Size: 512B - Virtual size: 236KB

.text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 47KB - Virtual size: 46KB

.lib
Size: 512B - Virtual size: 236KB