JaffaCakes118_084ba54ba3d71a5423375c0ad881ebfd

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_084ba54ba3d71a5423375c0ad881ebfd
Size

253KB
MD5

084ba54ba3d71a5423375c0ad881ebfd
SHA1

c795de9bdd48204d6844df8147e49aa44cf5b0c5
SHA256

710b259beae637f0b0b6a07ed4fc7f878f23f8dd2f33146203c7d48b457c090d
SHA512

e64963124455376c4cc44a7b1b0af43461e98e444ab362883651ef9969536b570610f0883b55c5f9469f594f5e2635285a97b18d731b55d933bac1d4d05d0e02
SSDEEP

6144:Mj89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:nyTjOxa0+ZdsLTLGJC2WNYrU7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_084ba54ba3d71a5423375c0ad881ebfd

Files

JaffaCakes118_084ba54ba3d71a5423375c0ad881ebfd
.exe windows:4 windows x86 arch:x86

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

ntohs
inet_ntoa

shlwapi

PathRemoveFileSpecA

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

kernel32

GetSystemTime
InitializeCriticalSection
FreeLibrary
GetCurrentProcess
GetVersionExA
GetModuleFileNameA
OpenMutexA
GetLastError
GetTickCount
GetLocaleInfoA
RaiseException
WaitForMultipleObjects
GetModuleFileNameW
LoadLibraryA
ExitProcess
LocalFree
MultiByteToWideChar
GetACP
LocalAlloc
lstrlenA
lstrcpynA
GetShortPathNameA
lstrcmpiA
GetComputerNameA
IsBadWritePtr
HeapCreate
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
CreateMutexA
OpenEventA
SetEvent
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
CreateEventA
WaitForSingleObject
Sleep
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
GetEnvironmentStringsW
GetCPInfo
GetFileAttributesA
GetStartupInfoA
BeginUpdateResourceW
GetProcAddress

user32

RegisterClassA
CreateWindowExA
ShowWindow
GetSystemMetrics
CharUpperA
DefWindowProcA
wsprintfA
CharPrevA
GetMessageA
PostQuitMessage

advapi32

ImpersonateSelf
GetTokenInformation
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherA
OpenProcessToken
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
GetUserNameA

ole32

CLSIDFromString
CoCreateGuid
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen

ntprint

PSetupEnumMonitor
PSetupDestroyPrinterDeviceInfoList
ServerInstallW
PSetupGetSelectedDriverInfo

dmocx

DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WwVHa
Size: 1024B - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iSKC
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 101KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KQzjvU
Size: 3KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 114KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RA
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

Imports

version

ws2_32

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

ntprint

dmocx

Sections

.text Size: 15KB - Virtual size: 15KB

.WwVHa Size: 1024B - Virtual size: 230KB

.rdata Size: 4KB - Virtual size: 6KB

.iSKC Size: 1024B - Virtual size: 60KB

.edata Size: 101KB - Virtual size: 161KB

.KQzjvU Size: 3KB - Virtual size: 270KB

.data Size: 7KB - Virtual size: 93KB

.edata Size: 114KB - Virtual size: 182KB

.RA Size: 512B - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.WwVHa
Size: 1024B - Virtual size: 230KB

.rdata
Size: 4KB - Virtual size: 6KB

.iSKC
Size: 1024B - Virtual size: 60KB

.edata
Size: 101KB - Virtual size: 161KB

.KQzjvU
Size: 3KB - Virtual size: 270KB

.data
Size: 7KB - Virtual size: 93KB

.edata
Size: 114KB - Virtual size: 182KB

.RA
Size: 512B - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB