JaffaCakes118_43fbced0d9afb6dad1afb2d1453df515

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_43fbced0d9afb6dad1afb2d1453df515
Size

181KB
MD5

43fbced0d9afb6dad1afb2d1453df515
SHA1

1b974c77fd26f56c9daacf32fb7e485d55a6ec89
SHA256

a8324544e626c81730e901110af10c4691c5b4e170820fd44b263bca1d649009
SHA512

c3acf5faec0d7c6c78b4122ce4c7f42843820cb1b841a22f04c901ed82dea81ef55617b0a30a236f4f4dbf34b479741ed8b23cc907e33589ef899493728e01ff
SSDEEP

3072:USCouxNVzz0+CF8geNeKok6WpqtPHMrzFoTgEO16Zq/27WrolUjTfg6RjjaPnCeF:U17xNV03O19okJqpMrzFohrq/27WdjjQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_43fbced0d9afb6dad1afb2d1453df515

Files

JaffaCakes118_43fbced0d9afb6dad1afb2d1453df515
.exe windows:4 windows x86 arch:x86

538cd870f9886c6cc15b66180fc4080d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathA

winmm

timeBeginPeriod
timeGetDevCaps
timeGetTime
timeEndPeriod

ole32

StringFromGUID2
CoRevokeClassObject
GetRunningObjectTable
CoUninitialize
CreateItemMoniker
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
CoTaskMemFree
CoFreeUnusedLibraries
CoRegisterClassObject
CoCreateInstance
CLSIDFromString
StringFromCLSID
CoTaskMemAlloc

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueA
RegSetValueExA
RegCreateKeyA
RegEnumKeyExA

user32

MsgWaitForMultipleObjects
wsprintfA
RegisterWindowMessageA
DispatchMessageA
GetQueueStatus
RegisterClassA
LoadStringA
CreateWindowExA
PeekMessageA
MonitorFromWindow
CopyRect
PostThreadMessageA
GetMessageA
wvsprintfA
DestroyWindow

kernel32

GetProcAddress
GetTickCount
GetTapeParameters
WaitForMultipleObjects
VirtualFree
HeapFree
CreateThread
CreateFileW
InterlockedDecrement
QueryPerformanceCounter
GetModuleFileNameA
InitializeCriticalSection
ClearCommError
InterlockedIncrement
GetCurrentProcessId
GetThreadPriority
LeaveCriticalSection
LoadLibraryA
CreateMutexA
LoadLibraryW
SetThreadPriority
GetProcessHeap
WaitForSingleObject
IsBadReadPtr
ResetEvent
MultiByteToWideChar
Sleep
EnumResourceNamesA
CreateEventA
LocalFree
ReleaseSemaphore
EnterCriticalSection
ResumeThread
CreateSemaphoreA
DeleteCriticalSection
FreeLibrary
GetModuleFileNameW
IsBadWritePtr
GetSystemTime
GetExitCodeThread
SetEvent
LoadResource
CloseHandle
GetCurrentThreadId
VirtualAlloc
GetVersionExA
GetLastError
GlobalAlloc
GetACP
FatalExit
ReleaseMutex
DisableThreadLibraryCalls
TerminateThread
LockResource
GetSystemInfo
GetCurrentThread
WideCharToMultiByte
lstrlenA
GetSystemTimeAsFileTime
FindResourceA
ExitProcess

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

538cd870f9886c6cc15b66180fc4080d

Headers

File Characteristics

Imports

shell32

winmm

ole32

oleacc

advapi32

user32

kernel32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 51KB

.lib Size: 512B - Virtual size: 368KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 51KB

.lib
Size: 512B - Virtual size: 368KB