Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_2553fa1e15cdb623a7f2e650c2a6efa7.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_2553fa1e15cdb623a7f2e650c2a6efa7.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_2553fa1e15cdb623a7f2e650c2a6efa7
Size: 250KB
MD5: 2553fa1e15cdb623a7f2e650c2a6efa7
SHA1: 08a17b9197ff17b92a02c499b72474bf3a9d9255
SHA256: 29cde05f6adffce52d103e58bdf98580ed7ba3e2b67d2795ccbc0309c7ae0cd9
SHA512: 8c013d6410afe17148f3073c2f91de7fdf9f5ad3fd3608c24bd4f807691b850075b7ec61713ccf08272146b25911ea4c6dfb158e0bbd0972b15dbe74c9411462
SSDEEP: 6144:Y5Akr+KtCOn7YNKUo3+WlN5o+hgi8oh9P3d1:YXHoOn7YNZKo+hR8oh9Pt1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_2553fa1e15cdb623a7f2e650c2a6efa7
Files
JaffaCakes118_2553fa1e15cdb623a7f2e650c2a6efa7.exe windows:4 windows x86 arch:x86
5b21e66695e7857562e41981c9e6c504
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
wsprintfA
kernel32
CreateMutexA
GetProcessHeap
GetACP
LeaveCriticalSection
OpenFileMappingA
WaitForSingleObject
TlsGetValue
CreateSemaphoreA
UnmapViewOfFile
OpenProcess
CreateDirectoryA
RaiseException
WaitForMultipleObjects
CreateEventA
HeapAlloc
GetCurrentThreadId
MapViewOfFile
TlsSetValue
FindNextChangeNotification
lstrlenA
LocalAlloc
FindCloseChangeNotification
FindResourceA
LocalFree
HeapFree
EnterCriticalSection
FindFirstChangeNotificationA
CreateFileMappingA
ResumeThread
DeleteCriticalSection
CreateThread
CloseHandle
FindFirstFileA
FindNextFileA
SizeofResource
GetThreadLocale
GetSystemTime
HeapSize
ReleaseMutex
LockResource
DeleteFileA
FormatMessageA
WideCharToMultiByte
FindResourceExA
FindClose
GetSystemTimeAsFileTime
HeapReAlloc
ReleaseSemaphore
RemoveDirectoryA
HeapDestroy
LoadResource
LoadLibraryW
VirtualAlloc
advapi32
OpenServiceW
CryptAcquireContextA
StartServiceA
QueryServiceStatus
RegDeleteKeyA
RegQueryValueExA
QueryServiceStatusEx
OpenSCManagerA
CryptGenRandom
CryptReleaseContext
OpenServiceA
CloseServiceHandle
ControlService
RegOpenKeyExA
RegCloseKey
rpcrt4
UuidCreate
RpcStringFreeA
UuidToStringA
shlwapi
PathIsUNCA
PathIsURLA
ole32
OleRun
CLSIDFromProgID
CoCreateInstance
CLSIDFromString
oleaut32
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
certcli
CACountCertTypes
CAGetCAFlags
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAGetCertTypeExtensionsEx
DllCanUnloadNow
CAGetCASecurity
CAGetCAExpiration
kbdit
KbdLayerDescriptor
Sections
.text Size: 222KB - Virtual size: 221KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.PuJVMsj Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xOUiPJj Size: 512B - Virtual size: 335B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.LNxIeFj Size: 1024B - Virtual size: 817B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.eHELZDj Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CyoVtDj Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.neojbJr Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE