JaffaCakes118_614ed101705dc1c4085807214fbd4cda

General

Target

JaffaCakes118_614ed101705dc1c4085807214fbd4cda
Size

181KB
MD5

614ed101705dc1c4085807214fbd4cda
SHA1

a1d3fd5d1eeea096a8289c822095faaf7075bc7a
SHA256

7dd37c98986002c498e595d9cd711c474d306db23ccb7d4b14f1533c46c45267
SHA512

83d94e6be7587a2607440393ba15aeb87a997d966bd0f40c7c498d8187acf0ded54e24202b8c932e21d3e7a1c65598c48fff7dd5a14052259c1c98d04131a813
SSDEEP

3072:PC+da4klDUVSp07wM2VH5k9ZCfe0CVvNqRCeuJ77PL82fWztxonseCi+OSgTSP:Pta42HHk9U84RfgU0Wztbli+OSnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_614ed101705dc1c4085807214fbd4cda

Files

JaffaCakes118_614ed101705dc1c4085807214fbd4cda
.exe windows:4 windows x86 arch:x86

80d9a762f381b0612cb3fc66a313497b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CreateItemMoniker
CoInitialize
CoTaskMemFree
CLSIDFromString
StringFromGUID2
CoFreeUnusedLibraries
StringFromCLSID
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
GetRunningObjectTable
CoTaskMemAlloc

winmm

timeGetDevCaps
timeGetTime
timeBeginPeriod
timeEndPeriod

advapi32

RegOpenKeyExA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegEnumKeyExA

user32

wvsprintfA
DispatchMessageA
wsprintfA
CreateWindowExA
PeekMessageA
GetMessageA
RegisterClassA
MsgWaitForMultipleObjects
PostThreadMessageA
GetQueueStatus
LoadStringA
CopyRect
RegisterWindowMessageA
MonitorFromWindow
DestroyWindow

kernel32

LocalFree
CreateFiberEx
CloseHandle
EnterCriticalSection
GetACP
ClearCommError
SetEvent
GetSystemTimeAsFileTime
EnumResourceNamesA
ResumeThread
InitializeCriticalSection
FatalExit
DeleteCriticalSection
GetVersionExA
CreateThread
CreateEventA
WaitForSingleObject
GetCurrentProcessId
LeaveCriticalSection

shell32

SHGetSpecialFolderPathA

quartz

AMGetErrorTextW

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80d9a762f381b0612cb3fc66a313497b

Headers

File Characteristics

Imports

ole32

winmm

advapi32

user32

kernel32

shell32

quartz

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.lib
Size: 512B - Virtual size: 76KB