JaffaCakes118_0cd1de84471aeb4f2d9de7ebc698badf

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0cd1de84471aeb4f2d9de7ebc698badf
Size

268KB
MD5

0cd1de84471aeb4f2d9de7ebc698badf
SHA1

86723e9b9100b0aebfb5775c618097b76caee20e
SHA256

4b9ae51e9fd0c2beffe62e966a14becd90888139b0e3f4bab7e8e0048544d71b
SHA512

292d1bc333ea24e38695d3987b20f638de1192dd476543c1b24ec2e592a7376153d269baddefacb62c86444d33a6307cd3d30d4f0dbd4bbfe2d74bdc6d19b381
SSDEEP

6144:6O8SFarbBCT2Tllzl4X5xwyu4JeGPf3n4X1Jd:5Vs9wox4X5mzIeGPPk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0cd1de84471aeb4f2d9de7ebc698badf

Files

JaffaCakes118_0cd1de84471aeb4f2d9de7ebc698badf
.exe windows:4 windows x86 arch:x86

095b10a766affd05a4fcfd92f0d97bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCreateKeyExA
RegQueryValueExW
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenCurrentUser
RegOpenKeyExW

kernel32

ReleaseMutex
CreateMutexW
WaitForSingleObject
WaitForMultipleObjects
GetTempFileNameW
IsValidCodePage
CreateDirectoryW
SizeofResource
FlushInstructionCache
IsProcessorFeaturePresent
FlushFileBuffers
WideCharToMultiByte
lstrcpyA
HeapDestroy
SetLastError
MulDiv
CreateEventA
RaiseException
WriteConsoleW
GetCurrentThreadId
VirtualProtect
FindResourceA
DeleteFileW
HeapReAlloc
GetSystemTimeAsFileTime
WritePrivateProfileStringA
HeapSize
GlobalUnlock
GetOEMCP
LCMapStringW
CloseHandle
HeapAlloc
VirtualQuery
CreateThread
GetConsoleCP
GetLocalTime
GlobalAlloc
IsDBCSLeadByte
GetProcessHeap
WriteConsoleA
LoadLibraryExA
GetSystemInfo
IsDebuggerPresent
TlsSetValue
EnterCriticalSection
CreateMutexA
WaitForSingleObjectEx
CreateFileW
VirtualFree
lstrlenW
FindNextFileA
FindFirstFileA
ReadFile
TlsAlloc
lstrcatA
TlsFree
TlsGetValue
LCMapStringA
GetModuleHandleA
UnhandledExceptionFilter
lstrlenA
LeaveCriticalSection
CreateFileA
GetACP
SetFileAttributesA
SetUnhandledExceptionFilter
SetStdHandle
SetFilePointer
GetConsoleOutputCP
DeleteFileA
lstrcmpA
SetHandleCount
HeapFree
DeleteCriticalSection
lstrcmpiA
OutputDebugStringA
TerminateThread
GetTempPathW
GetFileType
VirtualAlloc
FreeEnvironmentStringsA
GlobalLock
WriteFile
FreeLibrary
GetCommandLineA
GetThreadLocale
GetTempPathA
GetStdHandle
FindClose
RtlUnwind
FreeEnvironmentStringsW
LoadResource
GetConsoleMode
GetVersion

oleaut32

SysFreeString
SysAllocString
UnRegisterTypeLi
VarUI4FromStr
VariantCopy
VariantInit
LoadRegTypeLi
RegisterTypeLi
DispCallFunc
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
LoadTypeLi
VariantClear
SysStringLen

gdi32

DeleteDC
RestoreDC
GetDeviceCaps
CreateRectRgnIndirect
SetWindowOrgEx
TextOutA
SaveDC
CreateMetaFileA
SetWindowExtEx
SetMapMode
CreateDCA
LPtoDP
SetViewportOrgEx
SetTextAlign
DeleteMetaFile
CloseMetaFile

ole32

CoTaskMemAlloc
CreateDataAdviseHolder
CreateOleAdviseHolder
CoCreateInstance
StringFromGUID2
CoTaskMemFree
OleRegGetMiscStatus
OleSaveToStream
OleRegEnumVerbs
OleLoadFromStream
WriteClassStm
CoTaskMemRealloc
OleRegGetUserType

user32

ReleaseDC
InvalidateRect
MessageBoxA
UnionRect
UnregisterClassA
IsWindow
LoadCursorA
GetForegroundWindow
GetKeyState
IntersectRect
CallWindowProcA
DestroyWindow
ShowWindow
GetDC
OffsetRect
IsChild
GetFocus
wsprintfA
GetClientRect
EqualRect
DefWindowProcA
PtInRect
CharNextA
SetWindowRgn
GetWindowLongA
SetWindowLongA
SetWindowPos
GetParent
SetCursor
SetFocus

cmutil

CmMalloc
SzToWzWithAlloc
MakeBold
ReleaseBold

authz

AuthziInitializeAuditParamsFromArray
AuthzGetInformationFromContext

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GzBIx
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MFmXD
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PjXbGgd
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yvgClM
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ljdv
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TxXjs
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cHtetRN
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HiDiV
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MlvqK
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LjqYfGo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lduid
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

095b10a766affd05a4fcfd92f0d97bf8

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

gdi32

ole32

user32

cmutil

authz

Sections

.text Size: 20KB - Virtual size: 20KB

.GzBIx Size: 1KB - Virtual size: 1KB

.MFmXD Size: 2KB - Virtual size: 2KB

.PjXbGgd Size: 1KB - Virtual size: 1KB

.yvgClM Size: 512B - Virtual size: 176B

.rdata Size: 5KB - Virtual size: 4KB

.ljdv Size: 2KB - Virtual size: 1KB

.TxXjs Size: 2KB - Virtual size: 1KB

.cHtetRN Size: 3KB - Virtual size: 2KB

.data Size: 213KB - Virtual size: 1.6MB

.HiDiV Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.MlvqK Size: 2KB - Virtual size: 2KB

.LjqYfGo Size: 1KB - Virtual size: 1KB

.lduid Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.GzBIx
Size: 1KB - Virtual size: 1KB

.MFmXD
Size: 2KB - Virtual size: 2KB

.PjXbGgd
Size: 1KB - Virtual size: 1KB

.yvgClM
Size: 512B - Virtual size: 176B

.rdata
Size: 5KB - Virtual size: 4KB

.ljdv
Size: 2KB - Virtual size: 1KB

.TxXjs
Size: 2KB - Virtual size: 1KB

.cHtetRN
Size: 3KB - Virtual size: 2KB

.data
Size: 213KB - Virtual size: 1.6MB

.HiDiV
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.MlvqK
Size: 2KB - Virtual size: 2KB

.LjqYfGo
Size: 1KB - Virtual size: 1KB

.lduid
Size: 2KB - Virtual size: 1KB