Static task: static1
Behavioral task: behavioral1
  Sample: JaffaCakes118_20ae8c88723057c88d153980dd188cdb.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: JaffaCakes118_20ae8c88723057c88d153980dd188cdb.exe
  Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_20ae8c88723057c88d153980dd188cdb
Size: 249KB
MD5: 20ae8c88723057c88d153980dd188cdb
SHA1: d24abf5ed755b15ad7d85cc660ff73d302bec83a
SHA256: 59ba1f825f7f0e8e08520bd2c606f7e0fb6a48e49f6a82f8565672894df1a397
SHA512: ef9f01739c6a911283cc3eaa9e4e3870e4eb77fd72b750e502c1507375f3fe7695c0960c0584c7dc4e5a6f1104a6abe6e653fba3c9ff24cc856267c19c2f38a2
SSDEEP: 6144:pbltZ+YtfCRKEhvECP/8L8LJOpEPdADv3NyJNa215tFC:p5tHtEKEhc4OpE1ADfY3au5tFC
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: JaffaCakes118_20ae8c88723057c88d153980dd188cdb
Files
JaffaCakes118_20ae8c88723057c88d153980dd188cdb.exe  windows:4 windows x86 arch:x86
imphash: 41c476cdec983244ac11ddc4c6271dc2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
MulDiv
CreateEventW
SetErrorMode
ExpandEnvironmentStringsA
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
MoveFileW
WaitForSingleObject
GetTimeFormatW
CreateMutexW
FileTimeToSystemTime
CompareFileTime
GetLocalTime
GetVolumeInformationW
LocalAlloc
LocalFree
GetDateFormatW
OpenEventW
GetTempPathW
CreateDirectoryW
RemoveDirectoryW
FreeLibrary
GetWindowsDirectoryW
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
user32
GetForegroundWindow
GetActiveWindow
SetCapture
SetWindowLongW
GetIconInfo
LoadCursorW
SetCursor
GetFocus
CopyRect
GetSystemMetrics
DestroyIcon
IsWindow
InvalidateRect
SendMessageW
GetSysColor
LoadIconW
LoadImageW
MessageBoxW
EnableWindow
gdi32
CreatePalette
CreateCompatibleDC
CreatePen
GetStockObject
CreateFontIndirectW
CreateSolidBrush
DeleteObject
CreatePatternBrush
advapi32
RevertToSelf
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
shell32
ShellExecuteW
usp10
UspFreeMem
ScriptCacheGetHeight
ScriptBreak
termmgr
DllUnregisterServer
DllGetClassObject
DllCanUnloadNow
Sections (raw size on disk vs. virtual size once mapped)
.text    Raw size: 14KB   Virtual size: 13KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.URsGpT  Raw size: 512B   Virtual size: 1KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.cAN     Raw size: 512B   Virtual size: 49KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata   Raw size: 3KB    Virtual size: 24KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.EQMGgv  Raw size: 4KB    Virtual size: 765KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.f       Raw size: 104KB  Virtual size: 126KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.Pwa     Raw size: 2KB    Virtual size: 32KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.SGv     Raw size: 2KB    Virtual size: 563KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data    Raw size: 6KB    Virtual size: 23KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.i       Raw size: 109KB  Virtual size: 198KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc    Raw size: 2KB    Virtual size: 1KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
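Two things in this report are worth automating when a feed of these samples comes in: the "Unsigned PE" signature, which is just the Security data directory being empty, and the section table, where randomly named sections whose virtual size is tens or hundreds of times their raw size (.EQMGgv at 4KB on disk vs 765KB in memory, .SGv at 2KB vs 563KB) are the classic footprint of a packer that fills those regions at runtime. The script below is an added example, not Triage's code or anything from the sample: a minimal PE section-table and data-directory parser written against the PE spec offsets, plus the two heuristics. To run offline it assembles a constructed PE32 header from the sizes printed above (the KB figures are rounded as the report shows them); `build_pe`, `COMMON_NAMES` and the ratio threshold of 10 are this example's own choices, not Triage's.

```python
"""Minimal PE triage: section-table parser plus packing/signing heuristics. Added example."""
import struct

# Section characteristics and directory index from the PE spec (winnt.h).
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Authenticode certificate table
# Names a normal MSVC/MinGW link produces; anything else is worth a look (example's own list).
COMMON_NAMES = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata", ".edata", ".bss", ".tls", ".pdata", ".CRT"}
SECTION_HDR = "<8sIIIIIIHHI"  # 40-byte IMAGE_SECTION_HEADER


def build_pe(sections, signed=False):
    """Assemble a minimal PE32 header (constructed test data, not a loadable binary).
    sections: list of (name, raw_size, virtual_size, characteristics)."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                      # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                          # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)                         # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                           # NumberOfRvaAndSizes
    if signed:  # Security directory = file offset and size of the WIN_CERTIFICATE blob
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    hdrs = b"".join(
        struct.pack(SECTION_HDR, n.encode().ljust(8, b"\0"), v, 0, r, 0, 0, 0, 0, 0, c)
        for n, r, v, c in sections)
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt) + hdrs


def parse_pe(data):
    """Return {'signed': bool, 'sections': [(name, raw, virt, characteristics), ...]}."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    ndirs_off, dirs_off = (108, 112) if pe32plus else (92, 96)
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    signed = False
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories this entry holds a raw file offset, not an RVA.
        cert_off, cert_len = struct.unpack_from("<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
        signed = cert_off != 0 and cert_len != 0
    sections = []
    for i in range(nsec):
        f = struct.unpack_from(SECTION_HDR, data, opt + opt_size + 40 * i)
        sections.append((f[0].rstrip(b"\0").decode("latin-1"), f[3], f[1], f[9]))
    return {"signed": signed, "sections": sections}


def packer_indicators(sections, ratio=10):
    """Heuristic findings as (section, kind) pairs; the ratio threshold is arbitrary."""
    out = []
    for name, raw, virt, ch in sections:
        if name not in COMMON_NAMES:
            out.append((name, "odd_name"))
        # Initialized data that balloons in memory is usually unpacked or decrypted at runtime.
        if raw and virt / raw >= ratio:
            out.append((name, "size_ratio"))
        if ch & IMAGE_SCN_MEM_WRITE and ch & IMAGE_SCN_MEM_EXECUTE:
            out.append((name, "rwx"))
    return out


def triage(data):
    info = parse_pe(data)
    return {"signed": info["signed"], "findings": packer_indicators(info["sections"])}


# Section table transcribed from the report above (KB figures as printed, so approximate).
R, W, X = IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_EXECUTE
CODE, IDATA, KB = IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, 1024
REPORT_SECTIONS = [
    (".text", 14 * KB, 13 * KB, CODE | X | R), (".URsGpT", 512, 1 * KB, IDATA | R),
    (".cAN", 512, 49 * KB, IDATA | R | W), (".rdata", 3 * KB, 24 * KB, IDATA | R),
    (".EQMGgv", 4 * KB, 765 * KB, IDATA | R), (".f", 104 * KB, 126 * KB, IDATA | R),
    (".Pwa", 2 * KB, 32 * KB, IDATA | R), (".SGv", 2 * KB, 563 * KB, IDATA | R),
    (".data", 6 * KB, 23 * KB, IDATA | R | W), (".i", 109 * KB, 198 * KB, IDATA | R),
    (".rsrc", 2 * KB, 1 * KB, IDATA | R),
]

if __name__ == "__main__":
    result = triage(build_pe(REPORT_SECTIONS))
    print("Authenticode directory present:", result["signed"])
    for name, kind in result["findings"]:
        print(f"  {name:10s} {kind}")
```

Two caveats a practitioner should keep in mind. A populated Security directory only means a certificate blob is attached; whether it chains to a trusted root, covers the file's hash and is not revoked still needs a real Authenticode verification (WinVerifyTrust or osslsigncode), and an empty one is weak evidence on its own because a great deal of legitimate software ships unsigned. Likewise a large virtual/raw ratio is only interesting for sections that claim to hold initialized data; a zero-raw-size .bss-style section is normal.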