JaffaCakes118_420fdb3f9161718f970815d8c7b8b328

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_420fdb3f9161718f970815d8c7b8b328
Size

304KB
MD5

420fdb3f9161718f970815d8c7b8b328
SHA1

3858d9fb236550c2e6ee7a76ade0ddfd0ef5667b
SHA256

814badc6788b241a6e16a0a6e05b128cb6a0a35d01cfdd396b5675bb32be627e
SHA512

e183d3aea139054527075f3f3c6fa084373d7823aa4cb64c2d3dd1d644fa32086c71de531fca1b9bf8be55983681bcf65d9de3d01099686f54771419c8e49ca8
SSDEEP

6144:3taK1iCzqRDgaE1o71bliASplR29yPhdx2h23FKBRcPsLh+0:U4iCqgN1o715BSHR29yZTFKBRx9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_420fdb3f9161718f970815d8c7b8b328

Files

JaffaCakes118_420fdb3f9161718f970815d8c7b8b328
.exe windows:4 windows x86 arch:x86

5ba67bc8f8c91df96f20e3813983b9d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSCWriteProviderOrder
WSCDeinstallProvider
WSAStartup
WSCGetProviderPath
WSCEnumProtocols
WSACleanup
WSCInstallProvider

advapi32

SetSecurityDescriptorDacl
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
InitializeSecurityDescriptor

rpcrt4

UuidCreate

ole32

StringFromGUID2

kernel32

SetStdHandle
WriteFile
VirtualAlloc
GetOEMCP
WideCharToMultiByte
IsValidCodePage
SetHandleCount
SetFilePointer
TlsAlloc
GetModuleHandleA
UnhandledExceptionFilter
IsValidLocale
DeleteCriticalSection
GetUserDefaultLCID
WriteConsoleW
TlsGetValue
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsA
SetEndOfFile
FlushFileBuffers
CreateFileA
TlsFree
EnterCriticalSection
FreeEnvironmentStringsW
GetSystemTime
WriteConsoleA
RtlUnwind
LCMapStringA
GetACP
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetCommandLineA
VirtualFree
IsDebuggerPresent
HeapReAlloc
LCMapStringW
HeapFree
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
HeapDestroy
EnumSystemLocalesA
GetTimeFormatA
TlsSetValue
ReadFile
GetConsoleCP
GetSystemTimeAsFileTime
GetProcessHeap
GetSystemDirectoryA
FreeLibrary
HeapAlloc
FreeEnvironmentStringsA
CloseHandle
GetModuleHandleW
HeapSize
GetTempPathA
LeaveCriticalSection
GetCurrentThreadId
GetConsoleOutputCP
SetLastError
RaiseException
GetConsoleMode
GetCurrentProcess

cmutil

CmAtolA
CmLoadImageW
CmStrTrimW
CmLoadIconW
CmRealloc
WzToSzWithAlloc
CmLoadIconA

kbdsg

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ba67bc8f8c91df96f20e3813983b9d3

Headers

File Characteristics

Imports

ws2_32

advapi32

rpcrt4

ole32

kernel32

cmutil

kbdsg

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 280KB - Virtual size: 1.0MB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 280KB - Virtual size: 1.0MB

.rsrc
Size: 512B - Virtual size: 4KB