JaffaCakes118_788a6d235cd2a72a7ebeb0e0a902d684

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_788a6d235cd2a72a7ebeb0e0a902d684
Size

266KB
MD5

788a6d235cd2a72a7ebeb0e0a902d684
SHA1

7d0ff9dbb74d4b6b3e3bd35fb06788ffb69532e5
SHA256

2d2e942e949fed143aa5fe6a47694d8d073a96180d0fa895eca6bb1dcf1fafec
SHA512

c76224bd3e1b7f333a2c01f0a4d4fedd52a53e086977aa885ebc37aeff5315a20bd6a98ce4d6cb7d636274e27047923110bdda78a0c3401c15e11d1d7705a8ed
SSDEEP

6144:rQYhyGhpqCJOWeXdAq6UIFOsP/7Lh0flIU63Va2:jhdk3f6ySLifly3V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_788a6d235cd2a72a7ebeb0e0a902d684

Files

JaffaCakes118_788a6d235cd2a72a7ebeb0e0a902d684
.exe windows:4 windows x86 arch:x86

416944818bcc715280a8ed2436043ff7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
HeapFree
HeapFree
InterlockedExchange
GetThreadLocale
SystemTimeToFileTime
lstrlenW
LoadLibraryExW
GetProcessHeap
GetModuleHandleA
WriteFile
HeapSize
GetCurrentProcessId
HeapAlloc
IsDebuggerPresent
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
HeapReAlloc
GetStartupInfoA
LoadLibraryW
MultiByteToWideChar
CreateFileW
EnumSystemLanguageGroupsW
lstrlenA
CreateProcessA
LocalAlloc
GetWriteWatch
TerminateProcess
WideCharToMultiByte
GetEnvironmentVariableA
GetLocaleInfoA
GetStdHandle
GetACP
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapDestroy
RaiseException
InterlockedCompareExchange
CloseHandle
GetTickCount
Sleep
UnhandledExceptionFilter
lstrcpynW

gdi32

EnumFontFamiliesExA
GetDeviceCaps
RestoreDC
SelectObject
GetTextExtentPoint32A
GetStockObject
DeleteMetaFile
SaveDC
GetObjectA
BitBlt
TextOutA
CreateCompatibleDC
SetTextColor
CreateSolidBrush
CreateRectRgn
SetBkMode
DeleteObject
DeleteDC
Rectangle
CreateFontIndirectA
CreateCompatibleBitmap

user32

FillRect
SetCursor
GetDlgItem
ReleaseCapture
GetDC
MoveWindow
ReleaseDC
IsWindow
GetWindowInfo
SetWindowPos
GetSysColor
GetWindowLongA
SetWindowLongA
LoadCursorA
SetCapture

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

416944818bcc715280a8ed2436043ff7

Headers

File Characteristics

Imports

kernel32

gdi32

user32

oleacc

ole32

shell32

version

advapi32

winmm

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 3KB - Virtual size: 142KB

.data Size: 197KB - Virtual size: 197KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 3KB - Virtual size: 142KB

.data
Size: 197KB - Virtual size: 197KB

.rsrc
Size: 512B - Virtual size: 4KB