JaffaCakes118_b010667c69e65496ea1f68a10e504b13

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b010667c69e65496ea1f68a10e504b13
Size

184KB
MD5

b010667c69e65496ea1f68a10e504b13
SHA1

4aac6ce89a811f1d5e6c85148fb0d7acd7177ea5
SHA256

71823b149ec0e7681f1910ae9ccbd27d80a2e05f279329d134b5d337ff21315c
SHA512

476f16b99fe92b3421ac17fa4a4aa10bf64ea01771409bba6bb1e5ee271bd8b745f52b05b3976858a43583f69f46e9f60176c28918f553f038fba7bc41f92ccd
SSDEEP

3072:Rk0GEfvu0LPmw5/cpXszh1OS+LyeRCBPBKa/kGSzEieh1w9CHnHbTAmMW:RkrIvGC0pXszhQS+RCFBKaHST6HHL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b010667c69e65496ea1f68a10e504b13

Files

JaffaCakes118_b010667c69e65496ea1f68a10e504b13
.exe windows:4 windows x86 arch:x86

83c83fafbb1819c746015df4a40a3194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

CommandLineToArgvW

kernel32

CreateFiberEx
GetFullPathNameW
QueryPerformanceCounter
CreateDirectoryA
DeleteFileW
FindResourceExW
GetFileAttributesW
GetCurrentProcessId
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCurrentProcess
LoadResource
GetSystemTimeAsFileTime
UpdateResourceW
MultiByteToWideChar
FindClose
_llseek
GetProcAddress
EnumResourceNamesW
HeapSize
GetFileAttributesA
CopyFileA
EnterCriticalSection
GetSystemDirectoryA
LeaveCriticalSection
EscapeCommFunction
GetStringTypeExW
DeleteFileA
GlobalAlloc
SetFilePointer
HeapAlloc
HeapDestroy
DeleteCriticalSection
ReadFile
GetLastError
InterlockedExchange
SetEndOfFile
EnumResourceLanguagesW
RemoveDirectoryA
BeginUpdateResourceW
CreateDirectoryW
WriteFile
GetOEMCP
_lclose
EnumResourceTypesW
CreateFileA
RemoveDirectoryW
InterlockedDecrement
lstrlenW
GetTempPathW
_lwrite
GetTickCount
Sleep
CopyFileW
FindNextFileA
LockResource
SetLastError
GetLocaleInfoA
FreeResource
FreeLibrary
lstrcmpiA
GlobalUnlock
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetTempFileNameW
GetVersion
EnumResourceNamesA
FindFirstFileW
GetACP
FindResourceW
GetProcessHeap
GetFileInformationByHandle
GetFileSize
FatalExit
InterlockedCompareExchange
DebugBreak
GetThreadLocale
LocalFree
OutputDebugStringA
GetVersionExA
SetFileAttributesW
GlobalFree
CreateFileMappingA
HeapFree
FindNextFileW
InterlockedIncrement
UnhandledExceptionFilter
WideCharToMultiByte
UnmapViewOfFile
EndUpdateResourceW
HeapReAlloc
RaiseException
LoadLibraryExA
GetEnvironmentVariableA
AreFileApisANSI
SizeofResource
lstrlenA
GetCurrentThreadId
FormatMessageW
_lread
CloseHandle
MoveFileW
GetFullPathNameA
GetCurrentDirectoryW
SetFileAttributesA
LoadLibraryExW
MapViewOfFile
LoadLibraryA
GetCommandLineW
CreateFileW
FindFirstFileA
GetVersionExW
TerminateProcess
GlobalLock
lstrcpyA

psapi

GetProcessMemoryInfo

user32

wsprintfW
MonitorFromWindow
CharNextA
CharNextW

advapi32

CryptHashData
CryptReleaseContext
CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
CryptDestroyHash

imagehlp

ImageGetDigestStream
ImageRvaToVa
ImageNtHeader
ImageDirectoryEntryToData

msvfw32

ICInfo

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83c83fafbb1819c746015df4a40a3194

Headers

File Characteristics

Imports

shell32

kernel32

psapi

user32

advapi32

imagehlp

msvfw32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 15KB - Virtual size: 15KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 15KB - Virtual size: 15KB

.lib
Size: 512B - Virtual size: 76KB