JaffaCakes118_d10e37e68346cd14a8906e547566db8b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_d10e37e68346cd14a8906e547566db8b
Size

250KB
MD5

d10e37e68346cd14a8906e547566db8b
SHA1

e8a2eb6c91aa00a8be9b035a3bbe804e852107ab
SHA256

25055f14a00b604a7aa54e621f415b5f2c31b58aa815379397e3562d9fd4b49b
SHA512

00d2b011b721bda0095e3f1e4db746283c4e98fb342aef19d013109a5eb0e5c617709b68b421491c7617f4645d201e20517eec7a29bbfae5870cef9cd251af0e
SSDEEP

6144:Uq6SQWzKUSaIFqdO9XYqXvnKSFKhoVmTVLf31Sp:2SQs/SjFxNYyVTVm11S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_d10e37e68346cd14a8906e547566db8b

Files

JaffaCakes118_d10e37e68346cd14a8906e547566db8b
.exe windows:4 windows x86 arch:x86

4917038eb628638b5fe31e57d75903d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrRetToStrW

kernel32

GetModuleFileNameW
GetLastError
CreateEventW
GetThreadPriority
GetWindowsDirectoryW
GetVolumeInformationW
ExpandEnvironmentStringsW
GetFileAttributesW
GetSystemDirectoryW
GetVersionExW
Sleep
GetTempFileNameW
GetProcessHeap
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
InitializeCriticalSection
GetCurrentThread
GetTickCount
GetLogicalDrives
SetEvent
WaitForSingleObject
CreateDirectoryW
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
CreateMutexW
GetProcAddress
GetModuleHandleA

advapi32

RegEnumValueW
GetUserNameW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
StartServiceW
RegOpenKeyW
RegQueryValueExW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegFlushKey

shell32

SHGetDesktopFolder
SHGetFolderPathW

ole32

CoInitialize
CoUninitialize

cfgmgr32

CM_Free_Log_Conf
CM_Next_Range

user32

CharPrevA
LoadImageW
OpenClipboard
MessageBoxIndirectA
IsMenu
SendDlgItemMessageA
CharPrevW
ShowCursor
wsprintfA
RegisterWindowMessageW
GetKeyboardLayout
EnumClipboardFormats
GetDesktopWindow
CreateAcceleratorTableW
PeekMessageW
GetDlgItemTextW
GetWindowRgn
wvsprintfA
SetForegroundWindow
CharUpperA
GetMenuItemInfoW
LoadCursorW
wvsprintfW
SetDlgItemTextA
IsIconic
InsertMenuA

gdi32

CreatePolyPolygonRgn
AddFontResourceW
RemoveFontResourceA
CreateFontIndirectExW
AddFontResourceA
CreateICW
CreateScalableFontResourceW
RemoveFontResourceExA
CreateMetaFileW
CreateBitmap
RemoveFontResourceExW
CreatePolygonRgn
SetEnhMetaFileBits
CreateEllipticRgn
CreateColorSpaceW

Sections

.edata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oUKQUW
Size: 104KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tQdRF
Size: 109KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4917038eb628638b5fe31e57d75903d9

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

shell32

ole32

cfgmgr32

user32

gdi32

Sections

.edata Size: 6KB - Virtual size: 5KB

.rdata Size: 13KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 13KB

.oUKQUW Size: 104KB - Virtual size: 112KB

.data Size: 5KB - Virtual size: 80KB

.tQdRF Size: 109KB - Virtual size: 174KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 4KB

.edata
Size: 6KB - Virtual size: 5KB

.rdata
Size: 13KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 13KB

.oUKQUW
Size: 104KB - Virtual size: 112KB

.data
Size: 5KB - Virtual size: 80KB

.tQdRF
Size: 109KB - Virtual size: 174KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 4KB