JaffaCakes118_35c169a895e73a281566368c2193ee3b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_35c169a895e73a281566368c2193ee3b
Size

270KB
MD5

35c169a895e73a281566368c2193ee3b
SHA1

fe0e80b0860b5c7a86c7f9bb9160bdcaa58c36bc
SHA256

3fa99e73eb849c5e4ab35d75d8253efea9dad93cff021d3ab549c7c29c97711a
SHA512

5265e31eeabcba3c4db3b1b6aeacca0a2b43be7b7e81eacc41565593a4899fdc3ad00e967ff67420c35d91dfef8938da0fbd2aa0697ce6b89635d06761dfec81
SSDEEP

6144:0xgW3S0nqUQFqyU+hp1CTJRxoB53JYRf/0ml:NWC0nqUNc1CRor3JEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_35c169a895e73a281566368c2193ee3b

Files

JaffaCakes118_35c169a895e73a281566368c2193ee3b
.exe windows:4 windows x86 arch:x86

83f7b8c36e9856e9022710657c86e389

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
CreateEventW
SignalObjectAndWait
FormatMessageW
CopyFileW
IsDebuggerPresent
WideCharToMultiByte
RaiseException
GetThreadLocale
GetProcessHeap
CloseHandle
lstrlenW
CreateThread
HeapAlloc
GetACP
HeapReAlloc
WaitForSingleObject
EnterCriticalSection
UnhandledExceptionFilter
SizeofResource
LoadResource
CreateFileW
FindResourceExW
FindResourceW
DeleteCriticalSection
LockResource
LeaveCriticalSection
CreateDirectoryW
HeapFree
HeapDestroy
GetCurrentThreadId
SetThreadLocale
GetSystemTimeAsFileTime
lstrlenA
LocalFree
HeapSize
GetFullPathNameW
VirtualAlloc

user32

UnregisterClassA

shell32

SHGetFolderPathW

shlwapi

PathAppendW

oleaut32

SafeArrayCopy
GetErrorInfo
SafeArrayDestroy
SafeArrayGetVartype
LoadTypeLi
VariantInit
SafeArrayCreate
VarBstrCmp
VariantCopyInd
VariantChangeType
LoadRegTypeLi
VariantCopy
SafeArrayUnlock
SafeArrayGetUBound
VariantClear
SysFreeString
SysStringByteLen
SafeArrayLock
SysAllocStringLen
SysStringLen
SafeArrayRedim
SysAllocString
SysAllocStringByteLen
SafeArrayGetLBound

userenv

UnloadUserProfile

ole32

CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CoImpersonateClient
CLSIDFromString
OleRun
CoUninitialize
CoRevertToSelf

advapi32

InitializeSid
RegCloseKey
DeregisterEventSource
OpenThreadToken
RegEnumKeyExW
GetLengthSid
CopySid
RegOpenKeyExW
GetSidLengthRequired
RegEnumValueW
ConvertStringSidToSidW
EqualSid
RegQueryValueExW
OpenProcessToken
GetSidSubAuthority
RegisterEventSourceW
IsValidSid
GetTokenInformation
ReportEventW

atl

AtlModuleInit
AtlAxGetControl
AtlModuleUnregisterServer
AtlModuleExtractCreateWndData
AtlModuleRegisterWndClassInfoW
AtlModuleRegisterServer
AtlPixelToHiMetric

kbdca

KbdLayerDescriptor

Sections

.QzGAW
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ItMWXy
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NDhHb
Size: 1024B - Virtual size: 521B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rEIYpu
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rDEgjB
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MOTRc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QqIfMj
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XEDnIxa
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lznL
Size: 512B - Virtual size: 479B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Fjkkx
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83f7b8c36e9856e9022710657c86e389

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

oleaut32

userenv

ole32

advapi32

atl

kbdca

Sections

.QzGAW Size: 1024B - Virtual size: 33KB

.text Size: 19KB - Virtual size: 19KB

.ItMWXy Size: 2KB - Virtual size: 1KB

.NDhHb Size: 1024B - Virtual size: 521B

.rEIYpu Size: 2KB - Virtual size: 2KB

.rDEgjB Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 221KB

.rdata Size: 208KB - Virtual size: 207KB

.MOTRc Size: 2KB - Virtual size: 1KB

.QqIfMj Size: 2KB - Virtual size: 1KB

.XEDnIxa Size: 1024B - Virtual size: 926B

.rsrc Size: 17KB - Virtual size: 17KB

.lznL Size: 512B - Virtual size: 479B

.Fjkkx Size: 2KB - Virtual size: 1KB

.QzGAW
Size: 1024B - Virtual size: 33KB

.text
Size: 19KB - Virtual size: 19KB

.ItMWXy
Size: 2KB - Virtual size: 1KB

.NDhHb
Size: 1024B - Virtual size: 521B

.rEIYpu
Size: 2KB - Virtual size: 2KB

.rDEgjB
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 221KB

.rdata
Size: 208KB - Virtual size: 207KB

.MOTRc
Size: 2KB - Virtual size: 1KB

.QqIfMj
Size: 2KB - Virtual size: 1KB

.XEDnIxa
Size: 1024B - Virtual size: 926B

.rsrc
Size: 17KB - Virtual size: 17KB

.lznL
Size: 512B - Virtual size: 479B

.Fjkkx
Size: 2KB - Virtual size: 1KB