JaffaCakes118_7a0135fc9e808808e0af37f0fff5f6e8

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7a0135fc9e808808e0af37f0fff5f6e8
Size

186KB
MD5

7a0135fc9e808808e0af37f0fff5f6e8
SHA1

66e316ae6326ffbbe4a0a8c6a023bacb0d1c3b19
SHA256

aadd504867c760b535ce8a059d362e7eca1b1b2279028fa38fa7d46cc09572d5
SHA512

021388669bff96f7d5a40910c0e1c5a623146c600dc6fe575f773c47db0997ba2b1706d24414407e277636c643e76218b0af42ed00d99e127652971bd35e393f
SSDEEP

3072:O4N+lN+8PBSteyH+YBNenl1g4//jPyNyif35eRPKO2hfJikg2sV7HEsPO5Ki/FM+:O4N+bRoBEl1B/Lif35eRV8fJiysV7jO9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7a0135fc9e808808e0af37f0fff5f6e8

Files

JaffaCakes118_7a0135fc9e808808e0af37f0fff5f6e8
.exe windows:4 windows x86 arch:x86

4d755a881466454a3b89685801fc2bdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathA

ole32

CreateItemMoniker
CoInitializeEx
StringFromGUID2
StringFromCLSID
CoUninitialize
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
CLSIDFromString
GetRunningObjectTable
CoTaskMemAlloc

kernel32

CreateEventA
CreateSemaphoreA
WaitForSingleObject
GetCurrentThread
GetSystemInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForMultipleObjects
FindResourceA
ReleaseSemaphore
GetTapeParameters
GetExitCodeThread
GetSystemTime
LocalFree
ReleaseMutex
ClearCommError
LeaveCriticalSection
SetEvent
GetVersionExA
GetLastError
GetCurrentProcessId
WideCharToMultiByte
GetCurrentThreadId
GetACP
ResetEvent
MultiByteToWideChar
GetTickCount
LoadLibraryA
lstrlenA
GetProcAddress
IsBadReadPtr
EnumResourceNamesA
CreateFileW
DeleteCriticalSection
FreeLibrary
ResumeThread
LockResource
Sleep
LoadLibraryW
CreateThread
DisableThreadLibraryCalls
GetModuleFileNameA
TerminateThread
VirtualAlloc
LoadResource
CloseHandle
InitializeCriticalSection
HeapFree
SetThreadPriority
FatalExit
VirtualFree
GetProcessHeap
CreateMutexA
GetThreadPriority
GetModuleFileNameW
GlobalAlloc
EnterCriticalSection
IsBadWritePtr
InterlockedIncrement
InterlockedDecrement
ExitProcess

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetQueueStatus
RegisterWindowMessageA
LoadStringA
wsprintfA
CopyRect
PostThreadMessageA
MsgWaitForMultipleObjects
wvsprintfA
CreateWindowExA
GetMessageA
PeekMessageA
MonitorFromWindow
RegisterClassA
DispatchMessageA
DestroyWindow

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegSetValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegCreateKeyExA
RegEnumKeyExA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d755a881466454a3b89685801fc2bdf

Headers

File Characteristics

Imports

shell32

ole32

kernel32

winmm

oleacc

user32

advapi32

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 46KB - Virtual size: 46KB

.lib Size: 512B - Virtual size: 236KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 46KB - Virtual size: 46KB

.lib
Size: 512B - Virtual size: 236KB