JaffaCakes118_94f99c229d4850361d581b9b6ec6386a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_94f99c229d4850361d581b9b6ec6386a
Size

201KB
MD5

94f99c229d4850361d581b9b6ec6386a
SHA1

49d0e7d3507dd96490455f67cdc946ef260825f9
SHA256

a303f53f208d52dc654f817912e352cc621e01cddb61a0c70eff3e4ea51302c6
SHA512

3958668e6e652edfc23672eac765e0b0531b622d37a4d366131362508debce737c421a3495bdae0da5649125ed42bf026e23ee1a445c061b86ba1b9c4214c087
SSDEEP

6144:3gdM/0j/WG536OrNDNK2UgLbjHgZ5TmD:3ge0zWQVNK27gi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_94f99c229d4850361d581b9b6ec6386a

Files

JaffaCakes118_94f99c229d4850361d581b9b6ec6386a
.exe windows:4 windows x86 arch:x86

9e21ebb577ecc6841b573760d2f81cf2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptCreateHash
CryptGetHashParam
CryptAcquireContextA
CryptReleaseContext
CryptHashData
CryptDestroyHash

shell32

CommandLineToArgvW

psapi

GetProcessMemoryInfo

msvfw32

ICInfo

imagehlp

ImageNtHeader
ImageRvaToVa
ImageGetDigestStream
ImageDirectoryEntryToData

user32

CharNextA
MonitorFromWindow
wsprintfW
CharNextW

kernel32

SizeofResource
GlobalLock
GetFileSize
FindFirstFileW
GetSystemDirectoryA
lstrcmpiA
GetProcessHeap
CreateDirectoryW
lstrlenA
CreateFileW
InterlockedIncrement
AreFileApisANSI
GlobalAlloc
UnmapViewOfFile
CopyFileW
HeapAlloc
HeapSize
LoadLibraryA
CreateFiberEx
GetFullPathNameA
LoadLibraryExA
_lwrite
ReadFile
GetLocaleInfoA
FindResourceW
HeapFree
GetTempFileNameW
Sleep
EscapeCommFunction
GetCurrentProcessId
EnumResourceTypesW
WriteFile
LoadLibraryExW
DeleteFileW
GetFileAttributesA
FindNextFileW
GetFullPathNameW
lstrlenW
GetVersionExA
BeginUpdateResourceW
EnumResourceLanguagesW
SetFileAttributesW
LocalFree
RemoveDirectoryA
SetFilePointer
CopyFileA
GetCurrentDirectoryW
LeaveCriticalSection
SetFileAttributesA
EnumResourceNamesA
_llseek
LoadResource
WideCharToMultiByte
ExitProcess
CreateFileMappingA
GetProcAddress
TerminateProcess
SetEndOfFile
IsDebuggerPresent
QueryPerformanceCounter
GetCommandLineW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
MoveFileW
FindNextFileA
LockResource
GetFileAttributesW
UnhandledExceptionFilter
CreateFileA
DeleteCriticalSection
GetCurrentThreadId
CreateDirectoryA
FindFirstFileA
UpdateResourceW
GetACP
DebugBreak
SetLastError
GetFileInformationByHandle
GetLastError
GetTickCount
FreeResource
DeleteFileA
GetThreadLocale
InterlockedExchange
_lread
GetVersion
FindClose
HeapReAlloc
GetTempPathW
EnterCriticalSection
FatalExit
CloseHandle
GetCurrentProcess
MapViewOfFile
EndUpdateResourceW
GetEnvironmentVariableA
InterlockedCompareExchange
FreeLibrary
FindResourceExW
MultiByteToWideChar
_lclose
GetVersionExW
EnumResourceNamesW
InterlockedDecrement
RaiseException
GlobalFree
OutputDebugStringA
GlobalUnlock
RemoveDirectoryW
GetModuleHandleW
GetStringTypeExW
GetOEMCP
FormatMessageW
InitializeCriticalSection
HeapDestroy
lstrcpyA

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e21ebb577ecc6841b573760d2f81cf2

Headers

File Characteristics

Imports

advapi32

shell32

psapi

msvfw32

imagehlp

user32

kernel32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 224KB