Static task: static1
Behavioral task: behavioral1 (sample JaffaCakes118_0a71665ff2bbac2612f0660cc38feb02.exe, resource win7-20240903-en)
Behavioral task: behavioral2 (sample JaffaCakes118_0a71665ff2bbac2612f0660cc38feb02.exe, resource win10v2004-20241007-en)
General
Target: JaffaCakes118_0a71665ff2bbac2612f0660cc38feb02
Size: 267KB
MD5: 0a71665ff2bbac2612f0660cc38feb02
SHA1: 224ae89a13d17c4f556b2f92ba2b49c6bc9d2ebb
SHA256: 7268ed297a90118c7eab6c1a2e65f22604c8f725300eaffa2f93c356ad1998fd
SHA512: cca637a5afce106faf0cdd9e46396264db4a89cbb62b5c178b7ba255a73e38a7985d4faccc07055ab06ff334375251811ca2eb077e504896926fa4745490959c
SSDEEP: 6144:AC+j1NrPtqmhLOXg83y2WC3d1uf5vQiZKD1dxp/s4:ADllzhLOXr3vW2MfpJZKVpB
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: JaffaCakes118_0a71665ff2bbac2612f0660cc38feb02
Files
JaffaCakes118_0a71665ff2bbac2612f0660cc38feb02.exe (windows:4 windows x86 arch:x86)
2aef63faa6c4c8e599a13e749aef952e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
netapi32
NetApiBufferFree
NetUserEnum
kernel32
lstrcmpW
CompareFileTime
lstrlenA
MultiByteToWideChar
lstrlenW
LoadLibraryW
GetLastError
lstrcpynW
FreeLibrary
InitializeCriticalSection
GetCurrentProcess
CreateDirectoryW
GetCurrentThread
GetFileAttributesW
GetModuleFileNameW
LocalAlloc
RemoveDirectoryW
GetWindowsDirectoryW
LocalFree
Sleep
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
CreateEventW
GetExitCodeProcess
SetEvent
GetVersionExW
ExpandEnvironmentStringsA
LoadLibraryA
OpenEventW
GetModuleHandleW
GetTempPathW
SetUnhandledExceptionFilter
GetProcAddress
user32
GetForegroundWindow
GetSystemMetrics
CopyRect
RegisterWindowMessageW
GetCursorPos
InvalidateRect
GetFocus
LoadCursorW
DestroyIcon
GetSysColor
MoveWindow
IsWindow
GetTopWindow
SetTimer
OffsetRect
PostMessageW
SetWindowPos
SendMessageW
EnableWindow
gdi32
CreateFontIndirectW
CreateRectRgn
CreateCompatibleDC
DeleteObject
CreatePatternBrush
CreateSolidBrush
advapi32
IsValidSecurityDescriptor
FreeSid
RegOpenKeyExA
RegQueryValueExA
OpenServiceW
StartServiceW
QueryServiceStatus
OpenSCManagerW
CloseServiceHandle
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RevertToSelf
AddAccessAllowedAce
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AccessCheck
SetSecurityDescriptorGroup
OpenThreadToken
OpenProcessToken
GetLengthSid
shell32
ShellExecuteW
msasn1
ASN1intx_free
ASN1BERDecUTF8String
ASN1BEREncMultibyteString
ASN1BEREncOpenType
ASN1open_cmp
ASN1generalizedtime_cmp
ASN1_CreateDecoderEx
ASN1BEREncCheck
ASN1BEREncRemoveZeroBits
ASN1char32string_cmp
ASN1intx_sub
ASN1BERDecNotEndOfContents
kbdbu
KbdLayerDescriptor
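The import list above is the raw material for two routine checks: an import hash, which lets this sample be clustered with others built from the same source or packer stub, and a capability sketch (NetUserEnum for local account enumeration, OpenSCManagerW/StartServiceW for service control, RegSetValueExW and friends for registry writes, ImpersonateSelf/OpenProcessToken/AccessCheck for token work, IsDebuggerPresent plus timing calls for anti-debugging, ShellExecuteW for launching something else, LoadLibrary/GetProcAddress for resolving APIs at run time). The script below is an added example, not code from the report or from the sandbox vendor. It transcribes the DLL/function pairs exactly as the report lists them and computes a pefile-style imphash over them; because the report does not say that this listing is complete or in true import-table order, the result is deliberately not compared with the unlabelled digest on the Files line. The ordinal handling is a simplification (real imphash tools first resolve ordinals of a few well-known DLLs to names), and the capability groupings are an analyst's hints, not a verdict: every API in them has ordinary benign uses.

```python
"""Import hash (imphash) and capability hints for the import list above.
Standard library only; the import list is transcribed from the report."""
import hashlib

# Constructed input: the DLL/function pairs exactly as the report lists them.
# The report does not state that this is the binary's true import-table order,
# so the digest produced here is not compared against any value on the page.
REPORTED_IMPORTS = [
    ("netapi32", "NetApiBufferFree NetUserEnum".split()),
    ("kernel32", (
        "lstrcmpW CompareFileTime lstrlenA MultiByteToWideChar lstrlenW LoadLibraryW "
        "GetLastError lstrcpynW FreeLibrary InitializeCriticalSection GetCurrentProcess "
        "CreateDirectoryW GetCurrentThread GetFileAttributesW GetModuleFileNameW LocalAlloc "
        "RemoveDirectoryW GetWindowsDirectoryW LocalFree Sleep IsDebuggerPresent "
        "QueryPerformanceCounter GetTickCount GetCurrentThreadId GetCurrentProcessId "
        "WaitForSingleObject CreateEventW GetExitCodeProcess SetEvent GetVersionExW "
        "ExpandEnvironmentStringsA LoadLibraryA OpenEventW GetModuleHandleW GetTempPathW "
        "SetUnhandledExceptionFilter GetProcAddress").split()),
    ("user32", (
        "GetForegroundWindow GetSystemMetrics CopyRect RegisterWindowMessageW GetCursorPos "
        "InvalidateRect GetFocus LoadCursorW DestroyIcon GetSysColor MoveWindow IsWindow "
        "GetTopWindow SetTimer OffsetRect PostMessageW SetWindowPos SendMessageW EnableWindow").split()),
    ("gdi32", ("CreateFontIndirectW CreateRectRgn CreateCompatibleDC DeleteObject "
               "CreatePatternBrush CreateSolidBrush").split()),
    ("advapi32", (
        "IsValidSecurityDescriptor FreeSid RegOpenKeyExA RegQueryValueExA OpenServiceW "
        "StartServiceW QueryServiceStatus OpenSCManagerW CloseServiceHandle RegCreateKeyExW "
        "RegDeleteValueW RegSetValueExW RegOpenKeyExW RegQueryValueExW RegCloseKey RevertToSelf "
        "AddAccessAllowedAce SetSecurityDescriptorOwner AllocateAndInitializeSid InitializeAcl "
        "ImpersonateSelf SetSecurityDescriptorDacl InitializeSecurityDescriptor AccessCheck "
        "SetSecurityDescriptorGroup OpenThreadToken OpenProcessToken GetLengthSid").split()),
    ("shell32", ["ShellExecuteW"]),
    ("msasn1", (
        "ASN1intx_free ASN1BERDecUTF8String ASN1BEREncMultibyteString ASN1BEREncOpenType "
        "ASN1open_cmp ASN1generalizedtime_cmp ASN1_CreateDecoderEx ASN1BEREncCheck "
        "ASN1BEREncRemoveZeroBits ASN1char32string_cmp ASN1intx_sub ASN1BERDecNotEndOfContents").split()),
    ("kbdbu", ["KbdLayerDescriptor"]),
]


def imphash_string(imports) -> str:
    """Normalised 'dll.func' list the imphash is taken over: DLL name lower-cased
    with a .dll/.ocx/.sys extension removed, function name lower-cased, pairs kept
    in import-table order and joined with commas."""
    parts = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, _, ext = lib.rpartition(".")
        if ext in ("dll", "ocx", "sys"):
            lib = base
        for fn in funcs:
            # Ordinal-only imports (given here as ints) become 'ordN'. Real imphash
            # tools first map ordinals of a few well-known DLLs back to names; that
            # lookup table is left out of this sketch (simplification).
            name = f"ord{fn}" if isinstance(fn, int) else fn.lower()
            parts.append(f"{lib}.{name}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of the normalised list; empty string when there are no imports."""
    s = imphash_string(imports)
    return hashlib.md5(s.encode()).hexdigest() if s else ""


# Analyst groupings, not a verdict: every API below has ordinary benign uses.
CAPABILITY_HINTS = {
    "account discovery": {"NetUserEnum"},
    "service control": {"OpenSCManagerW", "OpenServiceW", "StartServiceW"},
    "registry write": {"RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW"},
    "token / impersonation": {"ImpersonateSelf", "OpenThreadToken", "OpenProcessToken", "AccessCheck"},
    "anti-debug / timing": {"IsDebuggerPresent", "QueryPerformanceCounter", "GetTickCount"},
    "launch external program": {"ShellExecuteW"},
    "dynamic API resolution": {"LoadLibraryA", "LoadLibraryW", "GetProcAddress"},
}


def capabilities(imports):
    """Map each hint to the imported APIs (sorted) that triggered it."""
    seen = {fn for _, funcs in imports for fn in funcs if isinstance(fn, str)}
    return {tag: sorted(seen & apis) for tag, apis in CAPABILITY_HINTS.items() if seen & apis}


if __name__ == "__main__":
    print("imphash:", imphash(REPORTED_IMPORTS))
    for tag, apis in capabilities(REPORTED_IMPORTS).items():
        print(f"{tag:24} {', '.join(apis)}")
```

Because the hash is taken over the ordered, normalised list, reordering two imports or swapping kernel32 for KERNEL32.DLL changes nothing about what the binary does but only the former changes the imphash; that is the property that makes it useful for clustering and useless for anything adversarial such as verifying that a sample is what it claims to be.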
Sections (raw size / virtual size / characteristics)
.edata   7KB   / 7KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.Ding    3KB   / 830KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.X       512B  / 35KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.text    12KB  / 12KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata   3KB   / 37KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.PX      512B  / 10KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.edata   84KB  / 161KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.npO     4KB   / 468KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data    6KB   / 311KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.RARlR   2KB   / 354KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.edata   135KB / 190KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.FeesU   4KB   / 269KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc    2KB   / 2KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
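A reviewer reading the section table above would note three sections named .edata (one of them writable, although an export table has no reason to be writable), six sections with non-standard names (.Ding, .X, .PX, .npO, .RARlR, .FeesU), and raw sizes far below virtual sizes (3KB on disk that becomes 830KB in memory for .Ding, 512B that becomes 35KB for .X), which is consistent with a binary that unpacks or decompresses its real content at run time. Together with the Unsigned PE signature, these are the checks worth automating. The script below is an added example, not code from the report or from the sandbox vendor: it parses the PE header and section table with the standard library alone (no pefile), flags those conditions, and tests whether the IMAGE_DIRECTORY_ENTRY_SECURITY data directory is empty, which is what "no embedded Authenticode signature" means at the file-format level (a catalog-signed file would still show as empty here, so treat the result as "no embedded signature" rather than "unsigned" in the policy sense). Because the sample itself is not on this page, it runs against a constructed, header-only PE32 whose section table is filled from the rounded sizes the report prints; the 8:1 virtual-to-raw threshold, the list of standard section names, and the section and file alignment used by the builder are assumptions of the example.

```python
"""Section-table triage for a PE32, reproducing the checks a reviewer makes on a
sandbox report: empty Authenticode (security) directory, duplicate and non-standard
section names, virtual sizes that dwarf raw sizes, and W+X sections. stdlib only."""
import struct
from collections import namedtuple

IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
FILE_HDR = "<HHIIIHH"         # IMAGE_FILE_HEADER, 20 bytes
SECTION_HDR = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes
# Names a stock linker emits; anything else is worth a second look (assumption).
STANDARD_NAMES = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                  ".reloc", ".bss", ".tls", ".pdata", ".CRT"}

Section = namedtuple("Section", "name virtual_size virtual_address raw_size raw_ptr characteristics")
PEInfo = namedtuple("PEInfo", "machine characteristics has_security_dir sections")


def parse_pe(data: bytes) -> PEInfo:
    """DOS header -> PE signature -> file header -> data directories -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from(FILE_HDR, data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]
    dd_off = opt_off + (96 if magic == 0x10B else 112)  # PE32 vs PE32+ directory table
    _, security_size = struct.unpack_from("<II", data, dd_off + 4 * 8)  # entry 4 = SECURITY
    sec_off = opt_off + opt_size
    sections = []
    for i in range(nsec):
        f = struct.unpack_from(SECTION_HDR, data, sec_off + 40 * i)
        name = f[0].rstrip(b"\0").decode("latin-1")
        sections.append(Section(name, f[1], f[2], f[3], f[4], f[9]))
    return PEInfo(machine, chars, security_size != 0, sections)


def triage(info: PEInfo, ratio_threshold: float = 8.0):
    """(code, section_name) findings; section_name is None for file-level ones."""
    findings = [] if info.has_security_dir else [("UNSIGNED", None)]
    names = [s.name for s in info.sections]
    findings += [("DUP_NAME", n) for n in sorted(set(names)) if names.count(n) > 1]
    for s in info.sections:
        w, x = s.characteristics & IMAGE_SCN_MEM_WRITE, s.characteristics & IMAGE_SCN_MEM_EXECUTE
        if s.name not in STANDARD_NAMES:
            findings.append(("NONSTD_NAME", s.name))
        if s.raw_size == 0 or s.virtual_size / s.raw_size >= ratio_threshold:
            findings.append(("HIGH_VSIZE_RATIO", s.name))  # content appears only at run time
        if w and x:
            findings.append(("WX", s.name))
        if s.name == ".edata" and w:
            findings.append(("WRITABLE_EDATA", s.name))  # an export table never needs W
    return findings


# Constructed input: a header-only PE32 whose section table copies the report
# above, using the rounded sizes exactly as the report prints them.
KB = 1024
R, W, X = IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_EXECUTE
IDATA, CODE = IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_CNT_CODE
REPORTED_SECTIONS = [  # (name, raw size, virtual size, characteristics)
    (".edata", 7 * KB, 7 * KB, IDATA | R | W), (".Ding", 3 * KB, 830 * KB, IDATA | R),
    (".X", 512, 35 * KB, IDATA | R | W), (".text", 12 * KB, 12 * KB, CODE | X | R),
    (".rdata", 3 * KB, 37 * KB, IDATA | R), (".PX", 512, 10 * KB, IDATA | R | W),
    (".edata", 84 * KB, 161 * KB, IDATA | R), (".npO", 4 * KB, 468 * KB, IDATA | R | W),
    (".data", 6 * KB, 311 * KB, IDATA | R | W), (".RARlR", 2 * KB, 354 * KB, IDATA | R),
    (".edata", 135 * KB, 190 * KB, IDATA | R), (".FeesU", 4 * KB, 269 * KB, IDATA | R),
    (".rsrc", 2 * KB, 2 * KB, IDATA | R),
]


def build_pe(sections, signed=False) -> bytes:
    """Assemble DOS header + NT headers + section table; section bodies are omitted."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    file_hdr = struct.pack(FILE_HDR, 0x14C, len(sections), 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)  # PE32 optional header, magic 0x10B
    struct.pack_into("<H", opt, 0, 0x10B)
    if signed:  # pretend a WIN_CERTIFICATE blob sits at file offset 0x10000
        struct.pack_into("<II", opt, 96 + 4 * 8, 0x10000, 0x800)
    table, va, raw = b"", 0x1000, 0x400
    for name, raw_size, vsize, chars in sections:
        table += struct.pack(SECTION_HDR, name.encode().ljust(8, b"\0"),
                             vsize, va, raw_size, raw, 0, 0, 0, 0, chars)
        va += -(-vsize // 0x1000) * 0x1000   # section alignment (assumed 0x1000)
        raw += -(-raw_size // 0x200) * 0x200  # file alignment (assumed 0x200)
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + table


SAMPLE_PE = build_pe(REPORTED_SECTIONS)

if __name__ == "__main__":
    for code, name in triage(parse_pe(SAMPLE_PE)):
        print(f"{code:18} {name or '<file>'}")
```

On the constructed table this reports UNSIGNED, the duplicated .edata name, the writable first .edata, six non-standard names and a high virtual-to-raw ratio for every section that is not .text, .rsrc or one of the two large .edata sections; .rdata is also caught at 37KB over 3KB, which is the usual reminder that the ratio is a triage heuristic to be read alongside the names, not a packer verdict on its own. The same parser run against a real file needs only `parse_pe(open(path, "rb").read())`.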