JaffaCakes118_0056057bc6229868b54ab5595c4cffdf

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0056057bc6229868b54ab5595c4cffdf
Size

223KB
MD5

0056057bc6229868b54ab5595c4cffdf
SHA1

911a9a5c3f9065f23708d927917b16e6e34b8621
SHA256

4b48559bdc73c664ea03316ca5db0e56bb41a1178456c4bd6c4abd1663b3bfde
SHA512

6a5bedfc02c5c9cd09256596cff8d3633e818151c6d70d9fb7e7612c39bae2767f4da540c1e73e912253af25745602c0cdcfdee0ec5ad3c2612977b93bc3db0c
SSDEEP

6144:d6JlEvLFVfBiWeI2NjVEmud8l3oquVU/dbRbfuQ:dCEvLFVEREmi8pJuVU5Rb2Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0056057bc6229868b54ab5595c4cffdf

Files

JaffaCakes118_0056057bc6229868b54ab5595c4cffdf
.exe windows:4 windows x86 arch:x86

7c5af07c2b6608312cfb2f4da4c76151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetVersionExW
ExpandEnvironmentStringsA
EnumTimeFormatsA
MoveFileA
EnumTimeFormatsW
GetProcAddress
GetLogicalDriveStringsA
CreateDirectoryW
CompareStringW
GetDateFormatW
HeapCreate
EnumDateFormatsW
OpenSemaphoreA
GetHandleInformation
OpenWaitableTimerA
GetCalendarInfoA
AddAtomW
LoadLibraryA
CreateDirectoryA
WaitForSingleObject
CreateSemaphoreA
GetProcessHeap
MultiByteToWideChar
IsValidLocale
GetModuleFileNameW
IsBadReadPtr
InitializeCriticalSection
OpenFile
SetEvent
CreateFileMappingA
lstrcmpA
GetDiskFreeSpaceA
GlobalDeleteAtom
CreateNamedPipeW

user32

SetWindowLongA
MoveWindow
RegisterWindowMessageA
GetWindowTextA
GetWindowRect
GetKeyState
MessageBeep
CopyIcon
SetForegroundWindow
DestroyWindow
SetDlgItemTextW
CopyImage
InvalidateRgn
IsWindow
CharLowerW
ArrangeIconicWindows
GetMenuItemID
GetActiveWindow
PostMessageA
IsIconic
mouse_event
CreateAcceleratorTableA
GetForegroundWindow
SetDlgItemInt
GetScrollPos
UpdateLayeredWindow
GetMenuItemInfoA
InvalidateRect
GetTopWindow
CreateMenu
GetClassInfoExA
AppendMenuA
SetWindowPos
CharPrevW
ShowCursor
GetDlgItem
AppendMenuW
EnumDesktopWindows
MessageBoxW

gdi32

EnumFontFamiliesW
AbortDoc
GetGlyphIndicesA
GetFontUnicodeRanges
CreateEnhMetaFileW
DeleteEnhMetaFile
CreateDCA
GetCharABCWidthsA
GetDIBColorTable

advapi32

RegOpenKeyA
RegReplaceKeyA
RegCreateKeyExA
RegOpenKeyW
RegOpenKeyA
RegDeleteValueW
RegQueryValueW

shell32

Shell_NotifyIcon
StrRStrIA
SHGetDiskFreeSpaceExW
SHBrowseForFolderA

shlwapi

PathFindNextComponentA
SHRegSetUSValueW
PathFindExtensionW
SHRegWriteUSValueW
PathRelativePathToW
StrRStrIA
PathFindFileNameW
PathSearchAndQualifyW
PathIsFileSpecA
SHRegQueryInfoUSKeyA

comctl32

DrawStatusTextW
InitializeFlatSB
FlatSB_SetScrollInfo
DestroyPropertySheetPage

comdlg32

PrintDlgW
ChooseFontA

ole32

CoGetInstanceFromFile
StringFromCLSID
CLSIDFromProgID

urlmon

HlinkGoForward
GetSoftwareUpdateInfo
CompareSecurityIds
RegisterBindStatusCallback
CoInstall
DllInstall
CoInternetCombineUrl
UrlMkSetSessionOption

inetcomm

HrAttachDataFromFile
EssSignCertificateDecodeEx
CreateIMAPTransport2
MimeOleCreateHeaderTable
MimeOleCreateMessageParts
EssContentHintDecodeEx
MimeOleSetBodyPropA
MimeEditGetBackgroundImageUrl
MimeOleStripHeaders
MimeOleGenerateFileName

oledlg

OleUIAddVerbMenuA

Sections

.U
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iX
Size: 1024B - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KmN
Size: 5KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eTqgaM
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.M
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.FleMpF
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Sjl
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WLOFt
Size: 3KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c5af07c2b6608312cfb2f4da4c76151

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

comctl32

comdlg32

ole32

urlmon

inetcomm

oledlg

Sections

.U Size: 5KB - Virtual size: 4KB

.iX Size: 1024B - Virtual size: 253KB

.KmN Size: 5KB - Virtual size: 258KB

.eTqgaM Size: 83KB - Virtual size: 83KB

.M Size: 13KB - Virtual size: 13KB

.FleMpF Size: 4KB - Virtual size: 7KB

.Sjl Size: 85KB - Virtual size: 84KB

.data Size: 12KB - Virtual size: 342KB

.WLOFt Size: 3KB - Virtual size: 166KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 1024B - Virtual size: 1024B

.U
Size: 5KB - Virtual size: 4KB

.iX
Size: 1024B - Virtual size: 253KB

.KmN
Size: 5KB - Virtual size: 258KB

.eTqgaM
Size: 83KB - Virtual size: 83KB

.M
Size: 13KB - Virtual size: 13KB

.FleMpF
Size: 4KB - Virtual size: 7KB

.Sjl
Size: 85KB - Virtual size: 84KB

.data
Size: 12KB - Virtual size: 342KB

.WLOFt
Size: 3KB - Virtual size: 166KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 1024B - Virtual size: 1024B