JaffaCakes118_1cbabdf51e9f12483e13a7b633648b2a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_1cbabdf51e9f12483e13a7b633648b2a
Size

266KB
MD5

1cbabdf51e9f12483e13a7b633648b2a
SHA1

4f4d666e3ac32fb7970b814f92ab0d5fba3484c8
SHA256

5c2ea538e2cf268bdd7db876c213dbe2f8f2f439860567206144d6f3376ac01b
SHA512

eeef6944c5532d0bc3965b7ea31ee1b186564f6b3dbfb0cdc50ea986e709c0c8b168e9968cd4c07116c7e1bebde6e1924ca4392cb1fbb6a04168d8f99c848df8
SSDEEP

6144:g3UdEwOA6TAk/HFIfbYghLgLn8OA1btP2Xv0Ny/Hc+F5jDD7s2K88:gkdE3TRd6MD8OaBP80Ny/HcQNf7s2K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1cbabdf51e9f12483e13a7b633648b2a

Files

JaffaCakes118_1cbabdf51e9f12483e13a7b633648b2a
.exe windows:4 windows x86 arch:x86

932feeeb510d539d04739f9f680f6a1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
SetUnhandledExceptionFilter
LoadLibraryW
LoadLibraryExW
lstrlenW
GetCurrentProcess
GetACP
GetThreadLocale
HeapAlloc
CloseHandle
GetModuleHandleA
lstrlenA
HeapReAlloc
SystemTimeToFileTime
GetSystemTimeAsFileTime
HeapFree
TerminateProcess
InterlockedExchange
InterlockedCompareExchange
HeapDestroy
GetCurrentProcessId
GetProcessHeap
GetEnvironmentVariableA
EnumSystemLanguageGroupsW
GetStdHandle
LocalAlloc
MultiByteToWideChar
CreateFileW
WideCharToMultiByte
QueryPerformanceCounter
IsDebuggerPresent
GetCurrentThreadId
GetWriteWatch
GetSystemTime
HeapSize
Sleep
WriteFile
GetStartupInfoA
CreateProcessA
UnhandledExceptionFilter
GetLocaleInfoA
RaiseException
GetTickCount
lstrcpynW

user32

IsWindow
GetDlgItem
ReleaseDC
SetWindowPos
SetWindowLongA
ReleaseCapture
GetWindowInfo
GetWindowLongA
SetCursor
GetDC
FillRect
MoveWindow
GetSysColor
LoadCursorA
SetCapture

gdi32

DeleteDC
CreateCompatibleDC
EnumFontFamiliesExA
RestoreDC
GetStockObject
GetObjectA
SelectObject
CreateSolidBrush
GetDeviceCaps
Rectangle
BitBlt
GetTextExtentPoint32A
DeleteObject
SetBkMode
DeleteMetaFile
SaveDC
CreateRectRgn
TextOutA
CreateFontIndirectA
SetTextColor
CreateCompatibleBitmap

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

winmm

mciSendCommandA
sndPlaySoundA

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

advapi32

RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

932feeeb510d539d04739f9f680f6a1b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

winmm

oleacc

version

advapi32

ole32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 3KB - Virtual size: 142KB

.data Size: 197KB - Virtual size: 197KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 3KB - Virtual size: 142KB

.data
Size: 197KB - Virtual size: 197KB

.rsrc
Size: 512B - Virtual size: 4KB