JaffaCakes118_325dae9a83554d5b0236085a9fab456f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_325dae9a83554d5b0236085a9fab456f
Size

279KB
MD5

325dae9a83554d5b0236085a9fab456f
SHA1

d38afe2de32dace41d031783332111dd196ddcdd
SHA256

00fe98dce5370ae59a4d22cb3a079ea70d930cdf1c89de299fa54d51acdb8d45
SHA512

88eb472e37cc0bd9de5a1acd6ef3129f65d4b26706a3e487c8406365a32eece9a3c90e1f086bedbe6634d5d0c401252344e101665076bc72954f30ecd9fed356
SSDEEP

6144:klGGQgTEldXbJzcWUUWWagxiR7KQbMX5Xa71Qb+YW3Ns4zeZ:k/3IzXbJznFWWt8VS5XawW3Ns4zeZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_325dae9a83554d5b0236085a9fab456f

Files

JaffaCakes118_325dae9a83554d5b0236085a9fab456f
.exe windows:4 windows x86 arch:x86

28e63fedc3a1938657c80fcdac03fc34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetModuleHandleW
LoadLibraryW
GetModuleFileNameW
SetEvent
Sleep
GetLastError
GetExitCodeThread
GetTempPathW
WaitForSingleObject
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsDebuggerPresent
GetVersionExW
LocalFree
LocalAlloc
MulDiv
GetVersion
GetProcAddress

user32

GetActiveWindow
GetIconInfo
GetFocus
IsWindow
CopyRect
LoadImageW
InvalidateRect
DestroyIcon
wsprintfW
LoadIconW
EnableWindow
IsIconic
PostMessageW
GetSystemMetrics
MessageBoxW
SendMessageW

gdi32

CreatePatternBrush
DeleteObject
CreateCompatibleDC
CreatePen
CreateFontIndirectW
CreatePalette
CreateSolidBrush
GetStockObject

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

comctl32

ord17

urlmon

IsValidURL
URLDownloadToFileW

imagehlp

FindFileInPath
SymRegisterCallback64
FindExecutableImage
SymGetLineFromName
SymEnumerateSymbols64
SymGetSymNext
SymFromName
SymGetLinePrev64
SymSetSearchPath
SymEnumerateModules64
StackWalk
ImageRvaToSection
SplitSymbols
SymGetModuleInfoW
SymInitialize
SymGetLineNext64

vss_ps

DllUnregisterServer
DllGetClassObject

Sections

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cS
Size: 3KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lxH
Size: 1024B - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ph
Size: 4KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 103KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pQ
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 113KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KVAeNH
Size: 5KB - Virtual size: 970KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g
Size: 3KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28e63fedc3a1938657c80fcdac03fc34

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

urlmon

imagehlp

vss_ps

Sections

.rdata Size: 10KB - Virtual size: 9KB

.text Size: 18KB - Virtual size: 17KB

.cS Size: 3KB - Virtual size: 249KB

.lxH Size: 1024B - Virtual size: 47KB

.rdata Size: 2KB - Virtual size: 14KB

.Ph Size: 4KB - Virtual size: 544KB

.edata Size: 103KB - Virtual size: 142KB

.pQ Size: 1024B - Virtual size: 16KB

.data Size: 7KB - Virtual size: 60KB

.edata Size: 113KB - Virtual size: 204KB

.KVAeNH Size: 5KB - Virtual size: 970KB

.g Size: 3KB - Virtual size: 135KB

.rsrc Size: 8KB - Virtual size: 7KB

.rdata
Size: 10KB - Virtual size: 9KB

.text
Size: 18KB - Virtual size: 17KB

.cS
Size: 3KB - Virtual size: 249KB

.lxH
Size: 1024B - Virtual size: 47KB

.rdata
Size: 2KB - Virtual size: 14KB

.Ph
Size: 4KB - Virtual size: 544KB

.edata
Size: 103KB - Virtual size: 142KB

.pQ
Size: 1024B - Virtual size: 16KB

.data
Size: 7KB - Virtual size: 60KB

.edata
Size: 113KB - Virtual size: 204KB

.KVAeNH
Size: 5KB - Virtual size: 970KB

.g
Size: 3KB - Virtual size: 135KB

.rsrc
Size: 8KB - Virtual size: 7KB