JaffaCakes118_20ecca471ce1a022ea088c32e0af2b41

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_20ecca471ce1a022ea088c32e0af2b41
Size

329KB
MD5

20ecca471ce1a022ea088c32e0af2b41
SHA1

5983a897c332351852606eb81f7020ae46d9b2b9
SHA256

bc9b72dd810b3ba91b4ba07581928faceffd9c00f1e242e7d2123a91126cb642
SHA512

d000d0d3d70d09fbffc156248e3ccf362341441a2edc830c6da78b96b9cc90b6993cad0a8b6aaa76a4940a9707584b038b2714952829afced823064066487668
SSDEEP

6144:fd0ROdAms95LZabZEetpULoOAlk0d7gxtpE05kAB9:fiKAms/LyZZtpULoOuw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_20ecca471ce1a022ea088c32e0af2b41

Files

JaffaCakes118_20ecca471ce1a022ea088c32e0af2b41
.exe windows:4 windows x86 arch:x86

e9ce3bb75b6217ede37460848d858e18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterClassA
CharLowerBuffW

userenv

UnloadUserProfile

kernel32

SetFileTime
RaiseException
DeviceIoControl
LockResource
CreateThread
HeapReAlloc
IsDebuggerPresent
OutputDebugStringW
LeaveCriticalSection
SetUnhandledExceptionFilter
FindResourceW
SetWaitableTimer
CancelWaitableTimer
GetSystemTimeAsFileTime
LocalFree
HeapSize
IsValidLocale
SetFilePointer
SizeofResource
SetLastError
CloseHandle
WaitForMultipleObjects
FindClose
GetFileInformationByHandle
lstrlenA
GetComputerNameExW
GetSystemTime
WideCharToMultiByte
FileTimeToSystemTime
CreateEventW
GetCurrentThreadId
FindFirstFileW
HeapDestroy
GetThreadLocale
DeleteCriticalSection
CreateWaitableTimerW
ResumeThread
FindNextFileW
GetProcessHeap
HeapFree
HeapAlloc
FlushFileBuffers
lstrlenW
CreateDirectoryW
SetEndOfFile
SystemTimeToFileTime
LoadResource
DeleteFileW
GetACP
EnterCriticalSection
SetThreadLocale
WriteFile
CreateFileW
FormatMessageW
UnhandledExceptionFilter
TerminateThread
MoveFileW
GetUserDefaultLCID
WaitForSingleObject
FindResourceExW
GetFullPathNameW
VirtualAllocEx

oleaut32

SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayUnlock
VariantChangeTypeEx
SysAllocStringByteLen
VariantInit
SysStringByteLen
VarBstrFromDec
VariantCopy
SafeArrayLock
LoadTypeLi
VariantTimeToSystemTime
VariantCopyInd
SafeArrayGetLBound
SafeArrayCreate
SysStringLen
VarBstrFromBool
VarBstrFromDate
VarCmp
SafeArrayCopy
SysAllocString
LoadRegTypeLi
VariantClear
SysFreeString
SafeArrayPutElement
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
SafeArrayRedim
VarUdateFromDate
VarBstrFromCy
VarBstrCmp
SafeArrayGetVartype
VarBstrCat

shlwapi

PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

ole32

CoImpersonateClient
CoQueryProxyBlanket
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitializeEx
CLSIDFromProgID
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
CoRevertToSelf

advapi32

GetTokenInformation
OpenProcessToken
DeregisterEventSource
GetLengthSid
CopySid
RegQueryValueExW
EqualSid
RegOpenKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
IsValidSid
ConvertStringSidToSidW
LookupAccountSidW
OpenThreadToken

ws2_32

shutdown
recv
WSACleanup
socket
gethostname
closesocket
inet_addr
connect
send
gethostbyaddr
gethostbyname
htons
WSAStartup

cmutil

CmAtolA
CmLoadImageW
CmLoadIconA
IsFarEastNonOSR2Win95
IsLogonAsSystem

htui

HTUI_ColorAdjustmentA
HTUI_DeviceColorAdjustmentW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 549KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9ce3bb75b6217ede37460848d858e18

Headers

File Characteristics

Imports

user32

userenv

kernel32

oleaut32

shlwapi

ole32

advapi32

ws2_32

cmutil

htui

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 296KB - Virtual size: 549KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 296KB - Virtual size: 549KB

.rsrc
Size: 512B - Virtual size: 4KB