JaffaCakes118_bfbae6e4f9471a56861ee583ebbf41e4

General

Target

JaffaCakes118_bfbae6e4f9471a56861ee583ebbf41e4
Size

168KB
MD5

bfbae6e4f9471a56861ee583ebbf41e4
SHA1

7f7963f4db6b16c508264f68e8f318b1b5927506
SHA256

4e9a85a50de1c4d5a8cee8e5aebbc451971cb3558222cc1f5aa66691a656ea69
SHA512

7806a8a755af678fffa6ebd1e872902b246e5c1cd5b7b6d1c7a9f7dd997d7412d34c3d655d251388302fc96fa66533d9001f45719460a18c7357d015925c1a6c
SSDEEP

3072:LCnlARdtmxC06aYl+5ir6Vl0Cs8IJJ1CMPI3Y6XkY6x/pH7:OebmxCpB+5ir6QOIJJ1CMPI3ZXk5xBH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_bfbae6e4f9471a56861ee583ebbf41e4

Files

JaffaCakes118_bfbae6e4f9471a56861ee583ebbf41e4
.exe windows:4 windows x86 arch:x86

e8b9b045d0d55b40f3e6266ddceb4b60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
PathFileExistsW

user32

GetDC
GetMessageW
SetTimer
CharUpperW
TranslateMessage
KillTimer
SendMessageA
CharNextW
DispatchMessageW
wsprintfW
PostThreadMessageW
UnregisterClassA

ole32

CoRevokeClassObject
CoUninitialize
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoInitialize
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemFree
StringFromCLSID

kernel32

MultiByteToWideChar
LockResource
lstrcpyA
GlobalAlloc
GetTickCount
GetProcessId
WideCharToMultiByte
lstrcpyW
lstrcmpiW
OutputDebugStringW
EnumResourceNamesW
GetLastError
lstrlenW
CreateFileMappingW
InitializeCriticalSection
FreeEnvironmentStringsW
GlobalFree
GetCPInfo
GetACP
lstrcpyA
FindClose
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8b9b045d0d55b40f3e6266ddceb4b60

Headers

File Characteristics

Imports

shlwapi

user32

ole32

kernel32

oleacc

advapi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 63KB - Virtual size: 63KB

.isete Size: 1024B - Virtual size: 248KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 63KB - Virtual size: 63KB

.isete
Size: 1024B - Virtual size: 248KB