JaffaCakes118_55a9b96979ba4c17fb910af520b173d7

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_55a9b96979ba4c17fb910af520b173d7
Size

195KB
MD5

55a9b96979ba4c17fb910af520b173d7
SHA1

29e5cbeb5628a287a6f2a19731a72b25ed7228a3
SHA256

0c7f36201ee71d7baabe035b94cccc99c354ae209c1a2154239243b690ca416c
SHA512

f95feeea77623e4f73bb39a18098e69c4cd3d562fc605e5c0a7445688833c449a5dea424c4f35ca723f20c98750c72ed495b084b0a8205e64d012146e17e20b0
SSDEEP

3072:AEzUBSKNgUTY+ecZgx6vjh+eZ/+eaAGjzi1FBZBRHFXTFqkoy3oJtSdKmuewXg1o:nCVTd+j0Nx9toMES2Fg5FoB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_55a9b96979ba4c17fb910af520b173d7

Files

JaffaCakes118_55a9b96979ba4c17fb910af520b173d7
.exe windows:4 windows x86 arch:x86

74ae2effc6b4112cbfaa33b187e9b1cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

msvfw32

ICInfo

kernel32

GetSystemDirectoryA
IsDebuggerPresent
CreateFileW
OutputDebugStringA
FindClose
EnumResourceNamesW
EnumResourceTypesW
CreateFiberEx
DeleteFileW
_lread
CopyFileW
ReadFile
FindResourceExW
_lclose
RemoveDirectoryW
UnhandledExceptionFilter
GetFileAttributesA
HeapReAlloc
GetFullPathNameA
lstrlenA
LoadResource
FreeLibrary
FindResourceW
GetVersion
DeleteCriticalSection
EscapeCommFunction
FindNextFileW
GlobalLock
_llseek
InterlockedIncrement
HeapFree
GetModuleHandleW
SetFileAttributesW
FreeResource
FindFirstFileW
QueryPerformanceCounter
FormatMessageW
HeapAlloc
RaiseException
UnmapViewOfFile
DebugBreak
LeaveCriticalSection
CloseHandle
ExitProcess
CreateFileMappingA
TerminateProcess
GetProcessHeap
EnumResourceNamesA
CreateDirectoryW
GlobalFree
GlobalUnlock
WriteFile
LoadLibraryExA
MultiByteToWideChar
GlobalAlloc
InterlockedDecrement
LoadLibraryExW
SizeofResource
SetFileAttributesA
UpdateResourceW
CopyFileA
GetCurrentDirectoryW
SetFilePointer
InterlockedExchange
lstrcmpiA
GetStringTypeExW
GetLocaleInfoA
FindNextFileA
SetEndOfFile
DeleteFileA
GetCurrentProcessId
GetCommandLineW
GetTickCount
BeginUpdateResourceW
LoadLibraryA
FatalExit
GetCurrentThreadId
SetLastError
GetProcAddress
EnumResourceLanguagesW
CreateDirectoryA
SetUnhandledExceptionFilter
CreateFileA
GetFileSize
GetFullPathNameW
MoveFileW
MapViewOfFile
GetCurrentProcess
lstrlenW
AreFileApisANSI
WideCharToMultiByte
HeapSize
GetEnvironmentVariableA
Sleep
GetLastError
GetTempPathW
LockResource
GetACP
EnterCriticalSection
InterlockedCompareExchange
LocalFree
_lwrite
GetVersionExA
RemoveDirectoryA
GetSystemTimeAsFileTime
EndUpdateResourceW
GetOEMCP
GetTempFileNameW
HeapDestroy
InitializeCriticalSection
GetVersionExW
GetFileAttributesW
FindFirstFileA
GetFileInformationByHandle
GetThreadLocale
lstrcpyA

advapi32

CryptCreateHash
CryptReleaseContext
CryptGetHashParam
CryptAcquireContextA
CryptHashData
CryptDestroyHash

shell32

CommandLineToArgvW

imagehlp

ImageRvaToVa
ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData

user32

CharNextA
wsprintfW
MonitorFromWindow
CharNextW

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74ae2effc6b4112cbfaa33b187e9b1cd

Headers

File Characteristics

Imports

psapi

msvfw32

kernel32

advapi32

shell32

imagehlp

user32

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 15KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 15KB

.lib
Size: 512B - Virtual size: 220KB