JaffaCakes118_0aceef0c1362c2501728cedf246dde8a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0aceef0c1362c2501728cedf246dde8a
Size

257KB
MD5

0aceef0c1362c2501728cedf246dde8a
SHA1

5027127af01d4c1d9cf56a7638ae532a82c1af65
SHA256

595fa8879301b7f689508ea72e56a636d5857c0b6808a8daeae8d6a6f28b039b
SHA512

013a328735d9955f04d44bf34e0bc6752c0d98eafc9a6ff0598c93cd7aedabd75497058752ac2fcd65fc7a7e8b11831901f67fa602d224e254fb0c093b910e50
SSDEEP

6144:WrAiQmeQFILv8mMzgzYV1iZy0HimQcZg7/5auhzSwCm:WM0FIv8nMUYZTC4g7hauhOwCm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0aceef0c1362c2501728cedf246dde8a

Files

JaffaCakes118_0aceef0c1362c2501728cedf246dde8a
.exe windows:4 windows x86 arch:x86

73f5eb57834d6000cd06da8322a5fd7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

user32

TranslateMessage
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW

kernel32

GetProcessHeap
FindResourceExW
CreateEventW
FileTimeToSystemTime
DeleteCriticalSection
FindResourceW
UnhandledExceptionFilter
OpenProcess
LocalAlloc
LockResource
HeapReAlloc
DeleteFileW
SizeofResource
GetFileSize
LoadLibraryExW
WriteFile
GetACP
CloseHandle
WideCharToMultiByte
HeapAlloc
LoadResource
GetSystemTime
DeviceIoControl
CreateFileW
lstrlenA
SetFilePointer
LeaveCriticalSection
CreateSemaphoreW
lstrlenW
FreeLibrary
SetUnhandledExceptionFilter
EnterCriticalSection
FormatMessageW
GetCurrentThreadId
HeapDestroy
HeapFree
WaitForSingleObject
ReadFile
DisableThreadLibraryCalls
RaiseException
HeapSize
ReleaseSemaphore
SetLastError
IsDebuggerPresent
SetEndOfFile
SetFileAttributesW
GetSystemTimeAsFileTime
CreateThread
VirtualAllocEx
IsBadWritePtr

iphlpapi

GetIpNetTable
GetIpForwardTable
SendARP
GetIpAddrTable
GetAdaptersInfo
GetTcpTable
GetAdaptersAddresses
NotifyRouteChange
GetUdpTable
NotifyAddrChange

ws2_32

WSAStartup
ntohs
WSACleanup
inet_addr

rpcrt4

RpcRevertToSelf
UuidCreate
RpcImpersonateClient

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString
SafeArrayCreate
SafeArrayDestroy

advapi32

QueryServiceConfigW
GetTraceEnableFlags
RegisterTraceGuidsW
ControlTraceW
OpenServiceW
RegQueryValueExW
GetTraceEnableLevel
GetSidSubAuthorityCount
UnregisterTraceGuids
CloseServiceHandle
QueryServiceStatusEx
ControlService
StartServiceW
RegSetValueExW
OpenProcessToken
TraceMessage
GetTraceLoggerHandle
GetSidSubAuthority
GetTokenInformation
OpenSCManagerW
RegOpenKeyExW
RegCloseKey

shlwapi

PathAddBackslashW

userenv

GetAllUsersProfileDirectoryW
LoadUserProfileA
GetAppliedGPOListW
EnterCriticalPolicySection
WaitForUserPolicyForegroundProcessing

cabinet

DllGetVersion

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wIJW
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jFMR
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KQuci
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kyvMyUp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rvCsfCp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eppinCp
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FtEFtCp
Size: 1024B - Virtual size: 621B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NzHAfCp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73f5eb57834d6000cd06da8322a5fd7b

Headers

DLL Characteristics

File Characteristics

Imports

ole32

user32

kernel32

iphlpapi

ws2_32

rpcrt4

oleaut32

advapi32

shlwapi

userenv

cabinet

Sections

.text Size: 222KB - Virtual size: 222KB

.wIJW Size: 4KB - Virtual size: 4KB

.jFMR Size: 1KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 16KB

.KQuci Size: 4KB - Virtual size: 3KB

.kyvMyUp Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 273KB

.rsrc Size: 2KB - Virtual size: 2KB

.rvCsfCp Size: 4KB - Virtual size: 4KB

.eppinCp Size: 1024B - Virtual size: 938B

.FtEFtCp Size: 1024B - Virtual size: 621B

.NzHAfCp Size: 1KB - Virtual size: 1KB

.text
Size: 222KB - Virtual size: 222KB

.wIJW
Size: 4KB - Virtual size: 4KB

.jFMR
Size: 1KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 16KB

.KQuci
Size: 4KB - Virtual size: 3KB

.kyvMyUp
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 273KB

.rsrc
Size: 2KB - Virtual size: 2KB

.rvCsfCp
Size: 4KB - Virtual size: 4KB

.eppinCp
Size: 1024B - Virtual size: 938B

.FtEFtCp
Size: 1024B - Virtual size: 621B

.NzHAfCp
Size: 1KB - Virtual size: 1KB