JaffaCakes118_0ab197b09d1a1971b97b9fa4c65329f7

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0ab197b09d1a1971b97b9fa4c65329f7
Size

340KB
MD5

0ab197b09d1a1971b97b9fa4c65329f7
SHA1

387418d610bbf1542340eeadd4109574664ecf41
SHA256

64813f82eaf937ac2f777304b520f6cd1430e2e1e619ecbb73c28eb01cb5651d
SHA512

09f481b4aad5fb6e0a900c94577a12be151298986a3a4f7d5610f630308a92f8ad458205934cad23d4af18af9523c2637c89ef9154b077e8200751365d408e1c
SSDEEP

6144:N7C4fdsOCHTCHCzlViux6KrpJyqkPPNmy1/gbjEJfS9ynFlRhS0:E4fidRaS6K1JyqkXNLdJfFnLp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0ab197b09d1a1971b97b9fa4c65329f7

Files

JaffaCakes118_0ab197b09d1a1971b97b9fa4c65329f7
.exe windows:5 windows x86 arch:x86

d2d994c8f302d8851aecbf3e644f622a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
OleInitialize

user32

GetWindowThreadProcessId
EnumWindows
GetWindowTextW
IsWindowVisible
PostMessageW
EnumChildWindows
SendMessageTimeoutW
GetClassNameW

advapi32

GetLengthSid
AddAccessAllowedAce
CloseServiceHandle
RegEnumValueW
RegQueryInfoKeyW
RegLoadKeyW
RegCloseKey
InitializeAcl
AllocateAndInitializeSid
OpenProcessToken
FreeSid
RegSetKeySecurity
EnumServicesStatusW
RegQueryValueExW
ControlService
RegOpenKeyExW
AdjustTokenPrivileges
RegDeleteKeyW
QueryServiceConfigW
SetSecurityDescriptorDacl
RegEnumKeyExW
RegSetValueExW
CreateServiceW
DeleteService
SetSecurityDescriptorOwner
RegCreateKeyExW
RegDeleteValueW
RegUnLoadKeyW
LookupPrivilegeValueW
QueryServiceStatus
StartServiceW
OpenSCManagerW
InitializeSecurityDescriptor
OpenServiceW

kernel32

QueryDosDeviceW
GetShortPathNameW
GetOEMCP
GetConsoleCP
ReadProcessMemory
OpenSemaphoreA
GetTimeZoneInformation
TlsAlloc
GetTempPathW
FreeEnvironmentStringsW
WaitForSingleObject
GetWindowsDirectoryW
GetModuleHandleW
VirtualQueryEx
OpenFileMappingA
WriteProcessMemory
GetModuleHandleA
CloseHandle
GetSystemDefaultLangID
GetLogicalDrives
GetDriveTypeW
OpenMutexA
IsDebuggerPresent
ExpandEnvironmentStringsW
GetSystemDirectoryW
RemoveDirectoryW
GetSystemInfo
VirtualFree
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetPrivateProfileStructW
RtlUnwind
FindNextFileW
HeapSize
FindFirstFileW
OpenProcess
WriteFile
ReleaseMutex
WritePrivateProfileStructW
WideCharToMultiByte
TlsGetValue
GetCurrentThreadId
DeviceIoControl
CreateRemoteThread
HeapAlloc
SetLastError
CreateFileA
MoveFileW
FindClose
WriteConsoleA
VirtualProtectEx
LeaveCriticalSection
FatalAppExitA
LCMapStringW
HeapFree
LCMapStringA
EnterCriticalSection
FlushFileBuffers
GetPrivateProfileStringW
SuspendThread
TlsFree
UnmapViewOfFile
CreateFileW
HeapReAlloc
CopyFileW
EnumSystemLocalesA
GetConsoleOutputCP
ResumeThread
CreateMutexA
GetUserDefaultLCID
SetUnhandledExceptionFilter
SetStdHandle
FreeLibrary
VirtualAlloc
GetConsoleMode
CreateFileMappingA
SetHandleCount
ReleaseSemaphore
WriteConsoleW
TlsSetValue
CreateSemaphoreA
GetACP
GetTimeFormatA
UnhandledExceptionFilter
GetThreadContext
DeleteCriticalSection
CompareStringA
GetFullPathNameW
HeapDestroy
MapViewOfFileEx
IsValidLocale
SetProcessWorkingSetSize
SetThreadAffinityMask
SetFilePointer
TerminateThread
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
ReadFile
SetConsoleCtrlHandler
IsValidCodePage
GetFileType
SetEnvironmentVariableA
CompareStringW
GetStdHandle
GetDateFormatA
RaiseException
CreateProcessW
GetCommandLineA
LoadLibraryA
VirtualAllocEx

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_Destroy
ShowHideMenuCtl
FlatSB_SetScrollRange
CreatePropertySheetPageA
FlatSB_SetScrollInfo
ImageList_DragEnter
InitCommonControlsEx

zipfldr

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2d994c8f302d8851aecbf3e644f622a

Headers

File Characteristics

Imports

ole32

user32

advapi32

kernel32

comctl32

zipfldr

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 312KB - Virtual size: 652KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 312KB - Virtual size: 652KB

.rsrc
Size: 2KB - Virtual size: 2KB