Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_e6d3510435ba71f777765eadba5dee77.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_e6d3510435ba71f777765eadba5dee77.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_e6d3510435ba71f777765eadba5dee77
Size: 186KB
MD5: e6d3510435ba71f777765eadba5dee77
SHA1: 70ef10f6f9eb23dd0fe2fcd2ada0c2c4e7d5cd92
SHA256: 4bb5bf7ff704c4846a69a2b64dd413df538e53e9fb65db8535c4b1bc77e93551
SHA512: 0dfaec0693920393aea65e7a3a1d91a9510e40c26f896062581e8338728d349c1c0ed29a67d3c82ff8c1361812be415aad9c355e9b3b92fc86985cf0cb114a06
SSDEEP: 3072:dLInZXhN7famP6SFt72pYItP2I2fTZrZvRcrswGkUelDFb:dMNemlaYIt+dZvyrGyl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_e6d3510435ba71f777765eadba5dee77
Files
JaffaCakes118_e6d3510435ba71f777765eadba5dee77.exe windows:4 windows x86 arch:x86
d5c46704824b8e8226a1ab8a888507cd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
imagehlp
ImageGetDigestStream
ImageRvaToVa
ImageNtHeader
ImageDirectoryEntryToData
advapi32
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptAcquireContextA
CryptDestroyHash
psapi
GetProcessMemoryInfo
kernel32
GlobalUnlock
HeapDestroy
RemoveDirectoryW
SetFileAttributesW
InterlockedCompareExchange
GetFileSize
EndUpdateResourceW
LoadLibraryExW
GetOEMCP
GetLastError
IsDebuggerPresent
LoadLibraryA
CreateFiberEx
UnhandledExceptionFilter
EnumResourceLanguagesW
InterlockedDecrement
GetCurrentDirectoryW
GetSystemTimeAsFileTime
QueryPerformanceCounter
BeginUpdateResourceW
OutputDebugStringA
FreeResource
GetSystemDirectoryA
GetFileInformationByHandle
GetTickCount
AreFileApisANSI
GetCommandLineW
DeleteCriticalSection
LoadLibraryExA
LockResource
GetFileAttributesA
RemoveDirectoryA
EscapeCommFunction
Sleep
TerminateProcess
GlobalLock
DeleteFileA
HeapAlloc
CreateFileW
GetTempPathW
EnumResourceNamesW
InterlockedIncrement
CopyFileW
GetEnvironmentVariableA
FindNextFileA
_lread
CreateFileMappingA
EnumResourceNamesA
DeleteFileW
GetCurrentProcess
GetThreadLocale
WriteFile
ReadFile
SetUnhandledExceptionFilter
_lclose
GetVersionExA
_lwrite
GetCurrentThreadId
UpdateResourceW
SetFilePointer
FindResourceExW
lstrcmpiA
EnumResourceTypesW
EnterCriticalSection
DebugBreak
CreateDirectoryA
InitializeCriticalSection
CopyFileA
SizeofResource
GetFullPathNameA
CreateDirectoryW
HeapSize
MultiByteToWideChar
FindFirstFileW
GlobalAlloc
GetFullPathNameW
_llseek
GetVersionExW
LoadResource
FindNextFileW
ExitProcess
FatalExit
SetEndOfFile
FormatMessageW
MapViewOfFile
FindClose
GlobalFree
GetLocaleInfoA
FindResourceW
lstrlenW
FreeLibrary
MoveFileW
LeaveCriticalSection
GetVersion
GetCurrentProcessId
GetStringTypeExW
WideCharToMultiByte
GetTempFileNameW
CloseHandle
FindFirstFileA
InterlockedExchange
GetFileAttributesW
LocalFree
GetModuleHandleW
GetProcessHeap
GetACP
RaiseException
CreateFileA
UnmapViewOfFile
HeapReAlloc
lstrlenA
GetProcAddress
HeapFree
SetLastError
SetFileAttributesA
lstrcpyA
shell32
CommandLineToArgvW
msvfw32
ICInfo
user32
MonitorFromWindow
wsprintfW
CharNextA
CharNextW
Sections
.text Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ