JaffaCakes118_9583b2fb623b31dd5d831f28272c5416

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_9583b2fb623b31dd5d831f28272c5416
Size

177KB
MD5

9583b2fb623b31dd5d831f28272c5416
SHA1

3294717ca8af01e7e020329a7144f41de0f639bb
SHA256

4cb6622956e3e23d3600067587321b04e70db953deefe149c13086dcbcf65ad9
SHA512

0979e34966f48d544d3f6944d00a8025802f7d6402a9cf8560f1d7a7e6525f76f79f578d2594925e64f51c02cfe174cb06cbc6a4201f473eb33717148744b909
SSDEEP

3072:L4oo5UzOP+xy70j3MEq1RCl88aov0dZOaAn1Pv5vNpQw+:Y5T0jcEq1RCm8a9TZAn1H5vNpQ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9583b2fb623b31dd5d831f28272c5416

Files

JaffaCakes118_9583b2fb623b31dd5d831f28272c5416
.exe windows:4 windows x86 arch:x86

a66db4ea94a613fe258a640dadb741ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInGetNumDevs
mixerOpen
mixerGetNumDevs
mixerGetLineControlsW
timeSetEvent
waveInGetDevCapsW
mixerClose
mixerSetControlDetails
mixerGetLineInfoW
timeGetTime
mixerGetControlDetailsW
mixerGetDevCapsW

gdiplus

GdiplusStartup
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipGetImageThumbnail
GdiplusShutdown
GdipCreateBitmapFromStream
GdipFree
GdipCloneImage

gdi32

SetStretchBltMode
GetObjectW
GetStockObject
CreateDIBSection
SelectPalette
StretchDIBits
GetDIBits
RealizePalette
CreateCompatibleDC
SelectObject
BitBlt

user32

GetQueueStatus
EnableWindow
RegisterWindowMessageW
TranslateMessage
ReleaseDC
KillTimer
PeekMessageW
IsWindowVisible
wsprintfW
SetTimer
wvsprintfW
DispatchMessageW
UnregisterClassA
PostThreadMessageW
SetParent
GetDC
UnregisterClassW
GetWindowRect
MsgWaitForMultipleObjects

kernel32

LocalFree
LocalAlloc
lstrcmpiW
MultiByteToWideChar
EnterCriticalSection
GetModuleHandleW
LoadLibraryW
PrivCopyFileExW
GlobalAlloc
QueryPerformanceCounter
VirtualFree
SetThreadPriority
FreeLibrary
GetCurrentThreadId
GlobalUnlock
ResetEvent
WriteFile
lstrcpynW
InterlockedDecrement
GetTickCount
GetLocaleInfoA
GetCurrentThread
GetLastError
InterlockedExchange
GetProcessId
GlobalReAlloc
SetEvent
lstrlenA
CreateFileW
GetACP
GetVersionExA
VirtualAlloc
EnumResourceTypesA
WaitForMultipleObjects
GetCurrentProcess
InterlockedIncrement
GlobalLock
CloseHandle
WaitForSingleObject
GetSystemTimeAsFileTime
DuplicateHandle
LeaveCriticalSection
CreateEventW
DisableThreadLibraryCalls
ProcessIdToSessionId
CreateThread
lstrcpyW
ExitProcess
CreateSemaphoreW
GetProcAddress
lstrcmpW
OutputDebugStringW
DeleteCriticalSection
GetVersionExW
InitializeCriticalSection
RaiseException
GetSystemInfo
Sleep
lstrlenW
GetThreadPriority
GetThreadLocale
GetCurrentProcessId
GlobalFree
ReleaseSemaphore
GetModuleFileNameW
GetModuleFileNameA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a66db4ea94a613fe258a640dadb741ba

Headers

File Characteristics

Imports

winmm

gdiplus

gdi32

user32

kernel32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 72KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 72KB