JaffaCakes118_17d1184d0b66dd1fff0e7421b12f9bcb

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_17d1184d0b66dd1fff0e7421b12f9bcb
Size

192KB
MD5

17d1184d0b66dd1fff0e7421b12f9bcb
SHA1

8397677ff14d7f533262416f712f29d01ebc0d67
SHA256

e33ff2f96f6e3d8f9a5cb7fde38e81718a5dd3dfb8ba6884c04d822c0ee6c748
SHA512

5416f72e0a73621ddc97109419df4fdf2b5a9a1834879444736f32e095c0392d31c38b362c8fa9a700f45a000a9f67af63cd904c0ee3b9e2b0d2a00c0f04861a
SSDEEP

3072:ix3curZjnCzsUNswxY8yP+0PYig9kmMv4H729V0LN7kY2L7MvbNczKrolV7n8Gt1:ix3pF0f+8yPxgigW4696LxaIktn8GPxy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_17d1184d0b66dd1fff0e7421b12f9bcb

Files

JaffaCakes118_17d1184d0b66dd1fff0e7421b12f9bcb
.exe windows:4 windows x86 arch:x86

7901e360e93fa1c00dd911494644049c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
CreateFiberEx
lstrlenA
DeleteFileA
GetFileSize
GetFullPathNameW
SetLastError
HeapReAlloc
MultiByteToWideChar
GetACP
RemoveDirectoryA
HeapFree
InterlockedIncrement
GetFileAttributesA
GetCurrentDirectoryW
LoadResource
GetTempPathW
CopyFileW
LeaveCriticalSection
HeapAlloc
GetFileAttributesW
GetSystemDirectoryA
GlobalUnlock
_llseek
FindFirstFileA
SetFileAttributesW
FreeLibrary
LoadLibraryExW
EndUpdateResourceW
EnumResourceTypesW
DeleteCriticalSection
GlobalFree
GetProcAddress
FindNextFileW
GlobalAlloc
MoveFileW
GetModuleHandleW
EscapeCommFunction
InterlockedExchange
IsDebuggerPresent
EnterCriticalSection
FindFirstFileW
MapViewOfFile
WideCharToMultiByte
SizeofResource
FindClose
EnumResourceNamesA
GetTickCount
UpdateResourceW
GetCurrentProcessId
DeleteFileW
RemoveDirectoryW
CreateFileW
LocalFree
_lclose
CloseHandle
EnumResourceLanguagesW
CreateFileA
DebugBreak
FindResourceW
OutputDebugStringA
GetCommandLineW
InterlockedDecrement
GetSystemTimeAsFileTime
lstrcmpiA
CreateDirectoryA
FormatMessageW
FindNextFileA
InitializeCriticalSection
GlobalLock
AreFileApisANSI
WriteFile
GetVersionExA
FatalExit
_lwrite
lstrlenW
GetStringTypeExW
FindResourceExW
FreeResource
GetCurrentProcess
CreateFileMappingA
CopyFileA
GetLocaleInfoA
RaiseException
SetFileAttributesA
ExitProcess
TerminateProcess
GetOEMCP
GetCurrentThreadId
InterlockedCompareExchange
CreateDirectoryW
UnmapViewOfFile
LockResource
GetLastError
LoadLibraryExA
BeginUpdateResourceW
GetFullPathNameA
GetVersionExW
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetTempFileNameW
HeapDestroy
SetFilePointer
Sleep
QueryPerformanceCounter
HeapSize
UnhandledExceptionFilter
GetProcessHeap
LoadLibraryA
EnumResourceNamesW
GetThreadLocale
_lread
GetFileInformationByHandle
SetEndOfFile
GetVersion
lstrcpyA

shell32

CommandLineToArgvW

advapi32

CryptGetHashParam
CryptCreateHash
CryptHashData
CryptReleaseContext
CryptAcquireContextA
CryptDestroyHash

msvfw32

ICInfo

imagehlp

ImageGetDigestStream
ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData

user32

CharNextA
MonitorFromWindow
wsprintfW
CharNextW

psapi

GetProcessMemoryInfo

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7901e360e93fa1c00dd911494644049c

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvfw32

imagehlp

user32

psapi

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 224KB