JaffaCakes118_b7d2367b8408014d4d79f73904d6bdd3

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b7d2367b8408014d4d79f73904d6bdd3
Size

184KB
MD5

b7d2367b8408014d4d79f73904d6bdd3
SHA1

74532dfcaaa3b9dca987d30286919b1b3d47234e
SHA256

76f4a7795770664f4e26c6acff35623de4eac3735192c7422c8c1359c172b537
SHA512

156e1d93f8f0cc681ee2f32ae29893156983866ed7f1c1b238371e6ded66a3619c22852af981d7fd615380cab94ea75dfdbc23776fe982b758e9fc48e6b169f3
SSDEEP

3072:CfOmSlhxEvaloBOz4r4EXIkJ3VTGiw/cZk3JR2vK6/vA:xLj3InZycZWMl/vA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b7d2367b8408014d4d79f73904d6bdd3

Files

JaffaCakes118_b7d2367b8408014d4d79f73904d6bdd3
.exe windows:4 windows x86 arch:x86

ea0daa188f633ddaad45cc9c32036855

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetMapMode
SetWindowExtEx
SelectObject
GetBkColor
Escape
GetDeviceCaps
ExtSelectClipRgn
SetViewportOrgEx
ScaleWindowExtEx
ExtTextOutW
OffsetViewportOrgEx
GetStockObject
DeleteDC
TextOutW
RectVisible
ScaleViewportExtEx
PtVisible
GetTextColor
GetRgnBox

kernel32

GetCalendarInfoW
SystemTimeToFileTime
SetFilePointer
GetLocaleInfoW
FindNextFileW
LoadLibraryW
EnumResourceLanguagesW
MultiByteToWideChar
GetCurrentProcessId
DeleteFileW
ReadFile
lstrcpyW
SetFileTime
CreateDirectoryW
WideCharToMultiByte
WriteFile
ConvertDefaultLocale
EnumResourceNamesA
GetFileAttributesW
InterlockedDecrement
GetSystemDefaultLangID
FindClose
LocalFileTimeToFileTime
CreateFileW
ExitProcess
GetCurrentDirectoryW
MoveFileW
FindFirstFileW
GetModuleFileNameW
RemoveDirectoryW
GetVersion
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

CharNextW
SendDlgItemMessageA
MessageBeep
CopyAcceleratorTableW
RemovePropW
CharUpperW
InvalidateRgn
CreateWindowExW
GetClassInfoExW
GetNextDlgGroupItem
SetRect
GetClassLongW
GetPropW
WinHelpW
GetNextDlgTabItem
InvalidateRect
RegisterWindowMessageW
SetPropW
IsRectEmpty
DestroyMenu

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExW
RegQueryValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueExW

shlwapi

PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
PathAppendW

ole32

OleFlushClipboard
CoInitialize
CoUninitialize
OleInitialize
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRetireServer
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemFree
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoGetClassObject
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
OleUninitialize
CoCreateInstance
CLSIDFromString

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea0daa188f633ddaad45cc9c32036855

Headers

File Characteristics

Imports

gdi32

kernel32

shell32

user32

oleacc

advapi32

shlwapi

ole32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 77KB - Virtual size: 76KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 77KB - Virtual size: 76KB

.edata
Size: 1024B - Virtual size: 240KB