JaffaCakes118_b75b669b5101b346b76d5d1f1fa857d2

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b75b669b5101b346b76d5d1f1fa857d2
Size

201KB
MD5

b75b669b5101b346b76d5d1f1fa857d2
SHA1

10f22e685eaff153e106189a494f6782ae290800
SHA256

658fee8ef8b5d3dc3e8ca3a0aac2f4bbdef258f9c45252a1d1f7c45a02dd80e5
SHA512

524da732d1e3ab6a5349aae32de26118e5af24e99e8583c644db5f227755efe999844d1db9facd250625125cb2693eb4dab53eb8ad29e8b32e9625fdeacddf13
SSDEEP

3072:0kv+pIH2jPJcgOvEtwC68twjIqfu+WXhUZrazHecpuI6pVA1X+czkoa6wOhadSCK:1a+gO8tu8tw8bp6OvYujfh0SHlunIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b75b669b5101b346b76d5d1f1fa857d2

Files

JaffaCakes118_b75b669b5101b346b76d5d1f1fa857d2
.exe windows:4 windows x86 arch:x86

0dee6128400ce4967b64af3c8f2d5189

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeaps
GetCurrentDirectoryA
ExpandEnvironmentStringsA
GetSystemDirectoryA
CreateDirectoryW
GetModuleHandleA
GetCurrentProcessId
GlobalDeleteAtom
WriteFile
lstrcmpA
CopyFileA
LocalAlloc
SetComputerNameW
SetLastError
GetFullPathNameA
GetCPInfo
GetStartupInfoW
GetExitCodeProcess
GetExpandedNameW
CreateNamedPipeA
GetVersionExA
GetProcAddress
OpenMutexA
IsBadStringPtrW
lstrcpynW
EnumCalendarInfoW
SearchPathW
lstrcmpiW
GetUserDefaultLangID
Sleep
GetProcessHeap
lstrcatA
BeginUpdateResourceW
DeleteAtom
CreateFileA
GlobalFindAtomW
GetExitCodeThread

user32

GetCapture
SetWindowTextW
GetMenuItemRect
MessageBoxW
GetCursorPos
GetAsyncKeyState
MonitorFromRect
CallWindowProcA
ArrangeIconicWindows
CloseWindow
CharUpperA
BringWindowToTop
GetSysColor
RegisterClassExW
GetClassInfoExA
GetDC
DefWindowProcW
MessageBoxIndirectA
MoveWindow
GetForegroundWindow
PeekMessageA
LoadIconW
GetDlgItem
MonitorFromWindow
EnumDesktopsA
CharPrevW
ShowCaret
GetCaretPos

gdi32

GetGraphicsMode
SetRectRgn
GetEnhMetaFileA
CreateMetaFileA
CreateFontIndirectExW
GetEnhMetaFilePaletteEntries
GetOutlineTextMetricsW
ScaleViewportExtEx
BeginPath
GetCharWidthW
DeleteEnhMetaFile
SetStretchBltMode

advapi32

RegOpenKeyW
RegFlushKey
RegEnumValueA
RegCreateKeyExW
RegOpenKeyA
RegQueryValueA
RegRestoreKeyW

shell32

StrNCmpIW
ShellExecuteExA
StrNCmpA

oleaut32

VarDecSub
VarI1FromDec
VarUI1FromR4
VarI4FromR4
VarR8FromI4
VarI1FromStr
DllRegisterServer

version

GetFileVersionInfoW
VerInstallFileA
VerFindFileA

urlmon

CreateFormatEnumerator
CDLGetLongPathNameA
CoInternetQueryInfo
IsAsyncMoniker
URLDownloadToFileW
GetSoftwareUpdateInfo
URLDownloadA
Extract
IsLoggingEnabledA
CopyStgMedium

crypt32

CertSetCTLContextProperty
CryptMsgVerifyCountersignatureEncoded
CertUnregisterPhysicalStore
CryptExportPublicKeyInfo
CertSaveStore
CryptRegisterOIDInfo
I_CryptAllocTls
CryptSIPVerifyIndirectData
CryptMsgEncodeAndSignCTL

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IcbOWV
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fwV
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CgwTKx
Size: 1024B - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zR
Size: 1024B - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZKF
Size: 1024B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rkacex
Size: 2KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dee6128400ce4967b64af3c8f2d5189

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

version

urlmon

crypt32

Sections

.text Size: 12KB - Virtual size: 12KB

.IcbOWV Size: 2KB - Virtual size: 9KB

.fwV Size: 3KB - Virtual size: 14KB

.CgwTKx Size: 1024B - Virtual size: 23KB

.data Size: 5KB - Virtual size: 4KB

.zR Size: 1024B - Virtual size: 30KB

.ZKF Size: 1024B - Virtual size: 31KB

.Rkacex Size: 2KB - Virtual size: 269KB

.rsrc Size: 170KB - Virtual size: 170KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.IcbOWV
Size: 2KB - Virtual size: 9KB

.fwV
Size: 3KB - Virtual size: 14KB

.CgwTKx
Size: 1024B - Virtual size: 23KB

.data
Size: 5KB - Virtual size: 4KB

.zR
Size: 1024B - Virtual size: 30KB

.ZKF
Size: 1024B - Virtual size: 31KB

.Rkacex
Size: 2KB - Virtual size: 269KB

.rsrc
Size: 170KB - Virtual size: 170KB

.reloc
Size: 1KB - Virtual size: 1KB