JaffaCakes118_72f1f8896a3cc26fb4f9ac191ec6dcb8

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_72f1f8896a3cc26fb4f9ac191ec6dcb8
Size

187KB
MD5

72f1f8896a3cc26fb4f9ac191ec6dcb8
SHA1

a675677c99c3ff58189280163d1b1524a546d0cc
SHA256

a62c05eb6dfb2da1af9997cf8bca4e7047816b9cd33bc1dafbbe09cf12cd5fea
SHA512

53dc1df1ad7551ed0952b7e83677d6ed8eeb8100ee934d5a29de39708eff415cf268b4896cacd92252396b827a2f5ac140165a183032e8edce874d9b815427ce
SSDEEP

3072:v8jRKI846gBwNe8+q/rIg/CU/IaXRdhhmZ1Odf8Www+cDHAbdOcnn06hKZpg9:vmwp9TrImCQI8rhG1OiXRXbYZ6h0p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_72f1f8896a3cc26fb4f9ac191ec6dcb8

Files

JaffaCakes118_72f1f8896a3cc26fb4f9ac191ec6dcb8
.exe windows:4 windows x86 arch:x86

552fe8db3211a42231ca586a66d377c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

quartz

AMGetErrorTextW

winmm

timeBeginPeriod
timeGetTime
timeGetDevCaps
timeEndPeriod

advapi32

RegCreateKeyA
RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueA
RegEnumKeyExA

shell32

SHGetSpecialFolderPathA

kernel32

TerminateThread
GetSystemTimeAsFileTime
GetCurrentThread
LoadLibraryW
CreateSemaphoreA
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
CreateFileW
CreateThread
CreateFiberEx
WaitForMultipleObjects
GetCurrentProcessId
ClearCommError
GetACP
GetSystemInfo
IsBadWritePtr
ReleaseMutex
GetModuleFileNameW
QueryPerformanceCounter
LockResource
CreateMutexA
VirtualFree
GetProcAddress
SetEvent
MultiByteToWideChar
LoadLibraryA
lstrlenA
GlobalAlloc
LoadResource
ReleaseSemaphore
Sleep
InterlockedIncrement
FreeLibrary
EnumResourceNamesA
GetSystemTime
FindResourceA
LocalFree
IsBadReadPtr
InterlockedDecrement
GetLastError
GetThreadPriority
GetVersionExA
WaitForSingleObject
GetExitCodeThread
FatalExit
WideCharToMultiByte
DeleteCriticalSection
HeapFree
GetProcessHeap
GetModuleFileNameA
ResetEvent
GetCurrentThreadId
VirtualAlloc
CreateEventA
SetThreadPriority
GetTickCount
CloseHandle
DisableThreadLibraryCalls
ResumeThread
ExitProcess

ole32

CreateItemMoniker
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoCreateInstance
GetRunningObjectTable
CoRevokeClassObject
CoInitializeEx
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoInitialize
StringFromCLSID
CoRegisterClassObject
StringFromGUID2
CoTaskMemAlloc

user32

GetMessageA
RegisterWindowMessageA
RegisterClassA
wvsprintfA
MsgWaitForMultipleObjects
LoadStringA
PostThreadMessageA
MonitorFromWindow
PeekMessageA
CopyRect
DispatchMessageA
wsprintfA
CreateWindowExA
GetQueueStatus
DestroyWindow

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

552fe8db3211a42231ca586a66d377c7

Headers

File Characteristics

Imports

quartz

winmm

advapi32

shell32

kernel32

ole32

user32

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 16KB

.lib Size: 512B - Virtual size: 72KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 16KB

.lib
Size: 512B - Virtual size: 72KB