JaffaCakes118_51e4d45b265ac134be9dc942cae07fc9

General

Target

JaffaCakes118_51e4d45b265ac134be9dc942cae07fc9
Size

193KB
MD5

51e4d45b265ac134be9dc942cae07fc9
SHA1

a58ee76fcac88ac427f15e45b4204c6e8f8b3b51
SHA256

a976fe821d09b682348b2b3e76732a917f77dd9fdf7413eae60e460819c0ef0f
SHA512

0ddcc0722e903a4b0464f6b2e4d8bf033803129336b175378a869fac7d608e3f4647e7a2fae570b95e2922e690ee661eaaf6675a4d0b9356148110a7ac87bfb6
SSDEEP

6144:0IqCnyhow5ByZD87ZxzjJr1jZpb9sGjp9:0IqCnXYEAHjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_51e4d45b265ac134be9dc942cae07fc9

Files

JaffaCakes118_51e4d45b265ac134be9dc942cae07fc9
.exe windows:4 windows x86 arch:x86

a6b68e64c250d3a196773dfaeb5e4b83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

quartz

AMGetErrorTextW

kernel32

DeleteCriticalSection
GetCurrentProcessId
CreateFiberEx
CreateThread
GetSystemTimeAsFileTime
CloseHandle
ClearCommError
InitializeCriticalSection
ResumeThread
EnumResourceNamesA
LocalFree
FatalExit
CreateEventA
GetACP
EnterCriticalSection
SetEvent
WaitForSingleObject
GetVersionExA
LeaveCriticalSection

advapi32

RegSetValueA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyA
RegEnumKeyExA

user32

PeekMessageA
LoadStringA
wvsprintfA
DispatchMessageA
GetMessageA
wsprintfA
PostThreadMessageA
RegisterClassA
CreateWindowExA
MsgWaitForMultipleObjects
RegisterWindowMessageA
GetQueueStatus
MonitorFromWindow
CopyRect
DestroyWindow

shell32

SHGetSpecialFolderPathA

winmm

timeGetDevCaps
timeGetTime
timeBeginPeriod
timeEndPeriod

ole32

CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
StringFromCLSID
CoInitializeEx
CoUninitialize
StringFromGUID2
CoRevokeClassObject
CreateItemMoniker
CoRegisterClassObject
CoInitialize
GetRunningObjectTable
CLSIDFromString
CoFreeUnusedLibraries
CoTaskMemAlloc

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6b68e64c250d3a196773dfaeb5e4b83

Headers

File Characteristics

Imports

quartz

kernel32

advapi32

user32

shell32

winmm

ole32

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.lib
Size: 512B - Virtual size: 356KB