JaffaCakes118_191b48eb29f01b397d42f875e8565d6d

General

Target

JaffaCakes118_191b48eb29f01b397d42f875e8565d6d
Size

205KB
MD5

191b48eb29f01b397d42f875e8565d6d
SHA1

1c0c5b2a2292c3f36ccc5edb4d755b347ac2d17a
SHA256

c931c22a2225d9b810539b67a13a140aab9badf65ffcfc00ae1cab8ede64fdc3
SHA512

3ee73096d1c32dee6edf3e7e7d405a8a1609882668d364f70dd8028468dab2cc88f11072c6a846512b70734404c7839e0d08ae55042b6fd297d098c2c5918e34
SSDEEP

6144:71eSAVmF+lcjFbFUjADBzoKGNmvh7xLv:0SAVgMc3D5mNM/Lv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_191b48eb29f01b397d42f875e8565d6d

Files

JaffaCakes118_191b48eb29f01b397d42f875e8565d6d
.exe windows:4 windows x86 arch:x86

21d996d45cc7858284e5cb67c3c0cf24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CreateItemMoniker
CoUninitialize
StringFromCLSID
CoFreeUnusedLibraries
CoRegisterClassObject
CoCreateInstance
CoRevokeClassObject
CoInitializeEx
CoInitialize
GetRunningObjectTable
CreateStreamOnHGlobal
StringFromGUID2
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc

kernel32

CreateFiberEx
InitializeCriticalSection
ResumeThread
LocalFree
DeleteCriticalSection
ClearCommError
CreateEventA
GetCurrentProcessId
EnumResourceNamesA
EnterCriticalSection
CloseHandle
FatalExit
GetVersionExA
WaitForSingleObject
GetACP
GetSystemTimeAsFileTime
CreateThread
SetEvent
LeaveCriticalSection

quartz

AMGetErrorTextW

advapi32

RegCloseKey
RegCreateKeyExA
RegCreateKeyA
RegOpenKeyExA
RegSetValueA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA

winmm

timeGetTime
timeGetDevCaps
timeBeginPeriod
timeEndPeriod

user32

wvsprintfA
LoadStringA
RegisterWindowMessageA
GetMessageA
CreateWindowExA
MonitorFromWindow
GetQueueStatus
PeekMessageA
RegisterClassA
wsprintfA
MsgWaitForMultipleObjects
CopyRect
PostThreadMessageA
DispatchMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21d996d45cc7858284e5cb67c3c0cf24

Headers

File Characteristics

Imports

ole32

kernel32

quartz

advapi32

winmm

user32

shell32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 22KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 22KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 96KB