JaffaCakes118_1859a486ff259e599a134754504f09f4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_1859a486ff259e599a134754504f09f4
Size

294KB
MD5

1859a486ff259e599a134754504f09f4
SHA1

92c074ac5ba693bbfc3977bdc805ebfe331788a9
SHA256

5b798af663e956f7206cabc0b50a997e46275acec762a189457aa9f5956927ec
SHA512

effb3affda217b7dd82939dfd28cb9ec55b7bd70f8cd6fcd5efaaaf15e09a8705b0a7c9d5db79766af99bbaa7dac40db3bb59a9df11e26551bc650f4bc43f152
SSDEEP

6144:jhp6V3eHT2+iN5lDLtAPamlRqY+y/s+oq/:FeCT2tNuPaK1Jkdq/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1859a486ff259e599a134754504f09f4

Files

JaffaCakes118_1859a486ff259e599a134754504f09f4
.exe windows:4 windows x86 arch:x86

eb43a98fd2617b9e0fb027db553947d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
ShellExecuteExW
ShellExecuteW

setupapi

SetupIterateCabinetW

shlwapi

PathRemoveFileSpecW
PathCombineW
PathFileExistsW
PathStripToRootW
SHQueryValueExA
PathIsUNCServerShareA
PathIsSameRootW
UrlIsW
StrChrNW
PathUnmakeSystemFolderW
SHRegGetPathA
StrSpnW
StrSpnA
PathCommonPrefixA
StrCmpNA
DelayLoadFailureHook
SHQueryInfoKeyA
AssocQueryStringByKeyA
SHOpenRegStream2W
StrStrA
StrFormatKBSizeA
StrFormatByteSizeA
UrlIsOpaqueW
SHRegGetUSValueA
IntlStrEqWorkerW
PathMatchSpecA

oleaut32

VarUI4FromStr
SysAllocString
SysFreeString
VarBstrCmp

ole32

CoRegisterClassObject
CoCreateInstance
CoTaskMemRealloc
CoRevokeClassObject
CoTaskMemFree
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
StringFromCLSID
CoInitializeSecurity
CoLoadLibrary

user32

GetSystemMetrics
SystemParametersInfoW
ReleaseDC
SetForegroundWindow
ExitWindowsEx
TranslateMessage
CharNextW
MessageBoxW
PeekMessageW
MessageBoxA
DispatchMessageW
GetDC
LoadStringA
MsgWaitForMultipleObjects

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

TlsGetValue
MapViewOfFile
SetCurrentDirectoryW
UnhandledExceptionFilter
GetTempPathW
LoadLibraryExW
lstrlenA
FreeEnvironmentStringsW
lstrlenW
EnterCriticalSection
WideCharToMultiByte
GetCommandLineW
GetTempFileNameW
GetSystemTimeAsFileTime
FindFirstFileW
GetDiskFreeSpaceExW
GetSystemDefaultLangID
ReleaseMutex
HeapSize
UnmapViewOfFile
HeapFree
OutputDebugStringW
HeapDestroy
SetHandleCount
IsProcessorFeaturePresent
DeleteFileW
FindResourceW
GetCurrentThreadId
GetOEMCP
GlobalMemoryStatusEx
GetStdHandle
RemoveDirectoryW
IsDebuggerPresent
GetModuleHandleW
GetSystemWindowsDirectoryW
FormatMessageW
VerifyVersionInfoW
FindResourceExW
FindNextFileW
SetStdHandle
FreeLibrary
HeapReAlloc
GetACP
SetUnhandledExceptionFilter
TlsSetValue
lstrcmpA
GetConsoleCP
GlobalMemoryStatus
GetModuleHandleA
LocalAlloc
LockResource
MulDiv
DeleteCriticalSection
GetSystemDefaultLCID
GetSystemInfo
IsValidCodePage
HeapAlloc
DuplicateHandle
GetProcessHeap
CreateFileMappingW
FlushFileBuffers
lstrcmpiW
FindClose
GetSystemDirectoryW
SetFilePointer
RtlUnwind
GetFileType
SetEnvironmentVariableW
GetCurrentDirectoryW
LeaveCriticalSection
VerSetConditionMask
RaiseException
LCMapStringW
WriteConsoleW
GetPrivateProfileStringW
WriteFile
TlsAlloc
HeapSetInformation
LocalFree
CreateProcessW
CreateMutexW
LoadResource
CreateEventW
SizeofResource
GetConsoleMode
CloseHandle
TlsFree
WaitForSingleObject
SetLastError
CreateDirectoryW
CreateFileW
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
VirtualAllocEx

wintrust

WinVerifyTrust

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

pautoenr

CertAutoRemove

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 10.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb43a98fd2617b9e0fb027db553947d5

Headers

File Characteristics

Imports

shell32

setupapi

shlwapi

oleaut32

ole32

user32

version

kernel32

wintrust

gdi32

pautoenr

Sections

.text Size: 23KB - Virtual size: 23KB

.data Size: 245KB - Virtual size: 10.5MB

.rdata Size: 5KB - Virtual size: 387KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 23KB - Virtual size: 23KB

.data
Size: 245KB - Virtual size: 10.5MB

.rdata
Size: 5KB - Virtual size: 387KB

.rsrc
Size: 19KB - Virtual size: 19KB