JaffaCakes118_3202f576752381eb5767f1f2015cf53e

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_3202f576752381eb5767f1f2015cf53e
Size

263KB
MD5

3202f576752381eb5767f1f2015cf53e
SHA1

64b0cb00116ea6ff401bd70d6cb6e54711f4abfc
SHA256

876d90f1704103dac24ddf37614e636e5cb353914fdd4ce58a05257d38acc985
SHA512

5f8cf488fadffe81a47f379b94044763c154fdc5c0cca6b1e476284b3e40c4917fa3f438ea1b2cf7588043e1c30dda416e65da4ea733a6275ad93682bdc14fbf
SSDEEP

6144://gIBjsg+6svLS0NYo2KDlZ9MnHnjnXZu0FQ44://hsg+6sve0WUv9MnHnLXw0iP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3202f576752381eb5767f1f2015cf53e

Files

JaffaCakes118_3202f576752381eb5767f1f2015cf53e
.exe windows:4 windows x86 arch:x86

f03159bc26b4245304d2d8a7585f6c89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
BeginUpdateResourceW
GetProcAddress

user32

GetSystemMetrics
GetIconInfo
SetCapture
IsWindow
EnumWindows
LoadMenuW
DefWindowProcA
GetDesktopWindow
GetMenuStringW
SetMenu
PostMessageA
SetTimer
CharLowerA
GetCapture
GetDlgItemTextA
AppendMenuW
GetScrollPos
CreateAcceleratorTableW
GetMenuItemID
GetDCEx
WaitForInputIdle
SetWindowRgn
GetSysColor
SetCursor
GetActiveWindow
ActivateKeyboardLayout
CreateWindowExA

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

mssip32

CryptSIPGetSignedDataMsg
CryptSIPRemoveSignedDataMsg
DllRegisterServer

gdi32

TranslateCharsetInfo
CreatePatternBrush
CreateDIBSection
GetTextExtentPointA
SetEnhMetaFileBits
CreateBitmap
CreateICA

sfc

SRSetRestorePointA
SfpVerifyFile
SRSetRestorePointW
SfcGetNextProtectedFile
SRSetRestorePoint

Sections

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ugr
Size: 4KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Vw
Size: 3KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 77KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GNorl
Size: 4KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GZ
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DGxYI
Size: 2KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f03159bc26b4245304d2d8a7585f6c89

Headers

File Characteristics

Imports

kernel32

user32

advapi32

mssip32

gdi32

sfc

Sections

.rdata Size: 4KB - Virtual size: 4KB

.text Size: 16KB - Virtual size: 16KB

.ugr Size: 4KB - Virtual size: 434KB

.rdata Size: 2KB - Virtual size: 43KB

.Vw Size: 3KB - Virtual size: 311KB

.edata Size: 77KB - Virtual size: 84KB

.GNorl Size: 4KB - Virtual size: 264KB

.data Size: 6KB - Virtual size: 257KB

.GZ Size: 512B - Virtual size: 60KB

.edata Size: 139KB - Virtual size: 199KB

.DGxYI Size: 2KB - Virtual size: 411KB

.rsrc Size: 2KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 16KB

.ugr
Size: 4KB - Virtual size: 434KB

.rdata
Size: 2KB - Virtual size: 43KB

.Vw
Size: 3KB - Virtual size: 311KB

.edata
Size: 77KB - Virtual size: 84KB

.GNorl
Size: 4KB - Virtual size: 264KB

.data
Size: 6KB - Virtual size: 257KB

.GZ
Size: 512B - Virtual size: 60KB

.edata
Size: 139KB - Virtual size: 199KB

.DGxYI
Size: 2KB - Virtual size: 411KB

.rsrc
Size: 2KB - Virtual size: 2KB