JaffaCakes118_4bee0fac8f54d49bce239125b33b41f6

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_4bee0fac8f54d49bce239125b33b41f6
Size

508KB
MD5

4bee0fac8f54d49bce239125b33b41f6
SHA1

5965486624c6a09418d74b1da2f949e7940fe9a5
SHA256

abef62ce0e99077d0b71817842ac3374e4023f59c076a221c2401fd607c021c7
SHA512

c2ce22b63d3ad022303438c5a72657dc266ae3c35f09f9d9241850fc5cb0a39dfaee9d1a6f85a9e87a6fa4a1a9813ae8a98710cb4e0aad977bcee87c47c370f9
SSDEEP

12288:IBw0Sgkid7wuPUYjiwONpuSNqs4dGhWzca4ca3+5:IBwp7mcuPUYjiwONpuSNqsCGhWzGo5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4bee0fac8f54d49bce239125b33b41f6

Files

JaffaCakes118_4bee0fac8f54d49bce239125b33b41f6
.exe windows:4 windows x86 arch:x86

4175e535a41900f94dcefa636eb6e691

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
CreateToolbarEx

kernel32

GetCurrentProcessId
GetCurrentDirectoryA
DeleteFileA
GetModuleFileNameA
GetSystemDirectoryA
QueryPerformanceFrequency
CreateProcessA
GetCommandLineA
ExpandEnvironmentStringsA
GetFileAttributesA
OutputDebugStringA
GetVersion
GetTickCount
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatA
HeapFree
lstrlenA
lstrcpyA
HeapAlloc
GetProcessHeap
ReadProcessMemory
OpenProcess
Sleep
GetVersionExA
GetUserDefaultLangID
SetEndOfFile
ReadFile
GetStringTypeW
GetStringTypeA
CreateEventA
LCMapStringA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetFilePointer
FlushFileBuffers
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
TlsGetValue
TlsAlloc
GetCurrentThreadId
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
InitializeCriticalSection
WriteFile
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetStartupInfoA
RtlUnwind
ExitThread
TlsSetValue
CreateThread
ResumeThread
GetLogicalDrives
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
DosDateTimeToFileTime
GetTimeFormatA
SetEvent
LoadLibraryA
FreeLibrary
WaitForSingleObject
WaitForMultipleObjects
DeviceIoControl
FormatMessageA
LocalFree
GetModuleHandleA
GetProcAddress
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
GetLastError
CloseHandle
LCMapStringW

user32

SetWindowLongA
SetCursor
InvalidateRect
ChildWindowFromPoint
GetSysColor
GetSysColorBrush
LoadCursorA
DrawIconEx
GetClientRect
SetWindowTextA
SetCapture
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawTextA
GetFocus
GetSystemMetrics
SetTimer
IsZoomed
IsIconic
CallWindowProcA
GetDlgItem
MoveWindow
GetWindowRect
GetParent
ScreenToClient
GetDlgItemTextA
IsWindowEnabled
SetDlgItemTextA
CheckDlgButton
EnableWindow
IsDlgButtonChecked
CheckRadioButton
RegisterWindowMessageA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
RegisterClassA
DialogBoxParamA
GetMenu
EnableMenuItem
CreateMenu
InsertMenuA
SetFocus
BeginPaint
EndPaint
GetCursorPos
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
LoadStringA
WinHelpA
GetDC
ReleaseDC
InvalidateRgn
SetWindowPos
ReleaseCapture
PostMessageA
DefWindowProcA
DestroyWindow
CheckMenuItem
SendMessageA
MessageBoxA
PostQuitMessage
EndDialog
ClientToScreen

gdi32

GetTextExtentPoint32A
SetBkColor
CreateSolidBrush
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
GetStockObject
GetTextMetricsA
DeleteObject
ExtTextOutA
CreateCompatibleDC

comdlg32

GetOpenFileNameA
FindTextA
ChooseColorA
ChooseFontA
GetSaveFileNameA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
RegQueryValueExA
GetTokenInformation
LookupAccountSidA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
AdjustTokenPrivileges

shell32

ShellExecuteExA
ShellExecuteA
SHGetFileInfoA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4175e535a41900f94dcefa636eb6e691

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

version

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 108KB

.rsrc Size: 344KB - Virtual size: 340KB

.nrdata Size: 72KB - Virtual size: 72KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 108KB

.rsrc
Size: 344KB - Virtual size: 340KB

.nrdata
Size: 72KB - Virtual size: 72KB