JaffaCakes118_77483bb0883f522413903dc4342b6d4e

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_77483bb0883f522413903dc4342b6d4e
Size

226KB
MD5

77483bb0883f522413903dc4342b6d4e
SHA1

87f6a4329e34aaa546ef0656b431e33f936de41b
SHA256

db4a95cbdbd2b3f1d7e3986a36056fc6b66d56078eaf7503792c864d956279f0
SHA512

2d2b9a653e03e60ea2dab1c3f2734c06eb73f207ebf1dd46c869eaa69cff1ede4f40baf71f2b4094118129273d86dc1be0fd76a9304e911a997bc999cb5455a5
SSDEEP

3072:RWBpaSghCYnmz5Gv3buUDYBArmeqtpSve0SD7XYHXW55mt/GOgjp90:RWHaAYQW7A2nSDa9GOgP0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_77483bb0883f522413903dc4342b6d4e

Files

JaffaCakes118_77483bb0883f522413903dc4342b6d4e
.exe windows:4 windows x86 arch:x86

1e5e1f39f59244456794d6ab1155d3d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalAlloc
CloseHandle
MulDiv
WriteFile
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetLastError
GlobalUnlock
GlobalFree
SetErrorMode
GetLogicalDrives
FindClose
ReleaseMutex
FlushFileBuffers
SetStdHandle
GetStringTypeA
SetFilePointer
LCMapStringA
IsBadWritePtr
VirtualAlloc
RtlUnwind
VirtualFree
FreeLibrary
GetCommandLineW
SetLastError
Sleep
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetStartupInfoA
GetFileType
ReadFile
GetStdHandle
SetHandleCount
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

GetParent
GetDC
GetSystemMetrics
ReleaseDC
ShowWindow
BringWindowToTop
SetForegroundWindow
GetLastActivePopup
IsWindowVisible
TranslateMessage
UpdateWindow
SetCursor
GetForegroundWindow
IsWindow
GetAsyncKeyState
DestroyWindow

gdi32

GetDeviceCaps
GetStockObject

advapi32

RegCloseKey

wininet

InternetAutodial
InternetReadFile
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetAttemptConnect
HttpSendRequestW
HttpOpenRequestW
InternetSetOptionW

winmm

waveOutGetNumDevs

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.erdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e5e1f39f59244456794d6ab1155d3d7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

winmm

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 46KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 5KB

.erdata Size: 76KB - Virtual size: 76KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 46KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 5KB

.erdata
Size: 76KB - Virtual size: 76KB