JaffaCakes118_4cb7590e0e07834d25be684deedb5440

General

Target

JaffaCakes118_4cb7590e0e07834d25be684deedb5440
Size

189KB
MD5

4cb7590e0e07834d25be684deedb5440
SHA1

c52f77615830cc56fd7d354033d75131d1283f49
SHA256

c23b2b9e37ca7062ce5e975ea50b81dd136cec34cc3fb7a14d9e1e28b133a2c4
SHA512

f5bf4a2b6d8589b0a0fedcd65719fc7ce1610b1c4a32ccdf98e81c7da58058b71e859038a46f5d0ce23daf2bcf8967f23a3ea1812317ed0f42c9fc413e47db05
SSDEEP

3072:Zr5sGc9Is8hmilTGRKLNOdZG6/SvatrB1s0eSvrRCQ45RvgXahmSCIPREKwyuNt:nXVG84TTKvo9PjD8VgXahmX0jwyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4cb7590e0e07834d25be684deedb5440

Files

JaffaCakes118_4cb7590e0e07834d25be684deedb5440
.exe windows:4 windows x86 arch:x86

bd54195e1d20d9fdc1c8512736fc23a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

advapi32

RegDeleteKeyA
RegSetValueA
RegQueryValueExA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA

kernel32

EnterCriticalSection
LocalFree
CreateFiberEx
InitializeCriticalSection
CloseHandle
EscapeCommFunction
WaitForSingleObject
GetCurrentProcessId
GetACP
CreateEventA
EnumResourceNamesA
FatalExit
ResumeThread
GetSystemTimeAsFileTime
CreateThread
GetVersionExA
DeleteCriticalSection
SetEvent
LeaveCriticalSection

user32

CreateWindowExA
GetQueueStatus
wvsprintfA
GetMessageA
MonitorFromWindow
LoadStringA
RegisterWindowMessageA
MsgWaitForMultipleObjects
PostThreadMessageA
wsprintfA
DispatchMessageA
PeekMessageA
RegisterClassA
CopyRect
DestroyWindow

ole32

CoUninitialize
CLSIDFromString
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoRegisterClassObject
CoTaskMemFree
GetRunningObjectTable
CreateItemMoniker
CreateStreamOnHGlobal
StringFromCLSID
StringFromGUID2
CoRevokeClassObject
CoInitializeEx
CoTaskMemAlloc

shell32

SHGetSpecialFolderPathA

quartz

AMGetErrorTextW

Sections

.text
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd54195e1d20d9fdc1c8512736fc23a5

Headers

File Characteristics

Imports

winmm

advapi32

kernel32

user32

ole32

shell32

quartz

Sections

.text Size: 161KB - Virtual size: 160KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 24KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 161KB - Virtual size: 160KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 24KB

.lib
Size: 512B - Virtual size: 220KB