Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_066dbc13770985fe041399396f2191ae.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: JaffaCakes118_066dbc13770985fe041399396f2191ae.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_066dbc13770985fe041399396f2191ae
Size: 208KB
MD5: 066dbc13770985fe041399396f2191ae
SHA1: 345c84d63c1caff2feaba5c9f66f165e09a79f74
SHA256: e3b84d4b644e2e6097cb0b4c48038c2ddd8e57716725ab63a8c5695d1c431ab0
SHA512: 45979fea172822f86830dd75193a84d7a1e4ee9f07b06e6fe13dae3e06ed8c724a0e9e7df1b00e54c1c8e9593454221ab0287eb87e9a5716f5c08243f7a4a32d
SSDEEP: 6144:BPRP2L0cngp5/vuGp1k1TBIg0wkucL9/:va0Sa/70Bxkbx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_066dbc13770985fe041399396f2191ae
Files
JaffaCakes118_066dbc13770985fe041399396f2191ae.exe windows:4 windows x86 arch:x86
39aae10368b32719f814b1d65af6faa7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvfw32
ICInfo
user32
MonitorFromWindow
wsprintfW
CharNextA
CharNextW
psapi
GetProcessMemoryInfo
advapi32
CryptAcquireContextA
CryptCreateHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptDestroyHash
shell32
CommandLineToArgvW
imagehlp
ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData
kernel32
GetCurrentThreadId
RaiseException
GetTickCount
_lclose
CreateFiberEx
lstrlenA
GetLocaleInfoA
GetCurrentProcess
DeleteFileA
HeapAlloc
RemoveDirectoryA
GetTempFileNameW
UpdateResourceW
GlobalFree
GetSystemTimeAsFileTime
MoveFileW
GlobalAlloc
GetACP
UnhandledExceptionFilter
BeginUpdateResourceW
TerminateProcess
lstrcmpiA
CopyFileW
GetFullPathNameW
CreateFileW
DeleteFileW
GetProcAddress
EnumResourceNamesW
SetEndOfFile
EscapeCommFunction
EnumResourceTypesW
QueryPerformanceCounter
CloseHandle
GetLastError
InterlockedCompareExchange
InterlockedIncrement
GetModuleHandleW
HeapFree
HeapReAlloc
GetFullPathNameA
CreateDirectoryW
SetLastError
GetOEMCP
CreateFileA
GetFileAttributesA
GetThreadLocale
FindNextFileW
LockResource
GetFileSize
LoadLibraryExA
RemoveDirectoryW
FindClose
MapViewOfFile
lstrlenW
OutputDebugStringA
GlobalUnlock
SetFileAttributesW
CreateDirectoryA
SizeofResource
GetCurrentDirectoryW
GlobalLock
FindNextFileA
EnumResourceNamesA
Sleep
InterlockedExchange
GetVersionExA
_llseek
CopyFileA
LoadLibraryExW
EnterCriticalSection
CreateFileMappingA
GetStringTypeExW
LoadResource
GetEnvironmentVariableA
LoadLibraryA
GetFileInformationByHandle
DeleteCriticalSection
GetSystemDirectoryA
SetUnhandledExceptionFilter
HeapDestroy
UnmapViewOfFile
AreFileApisANSI
ReadFile
DebugBreak
LocalFree
FindResourceW
InterlockedDecrement
FormatMessageW
SetFilePointer
FreeResource
MultiByteToWideChar
WideCharToMultiByte
FatalExit
SetFileAttributesA
WriteFile
FreeLibrary
FindFirstFileA
_lread
FindFirstFileW
GetCommandLineW
GetProcessHeap
_lwrite
EndUpdateResourceW
ExitProcess
GetCurrentProcessId
LeaveCriticalSection
GetFileAttributesW
GetVersionExW
EnumResourceLanguagesW
InitializeCriticalSection
HeapSize
FindResourceExW
GetTempPathW
GetVersion
IsDebuggerPresent
lstrcpyA
Sections
.text Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lib Size: 512B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ