JaffaCakes118_91db59b651e152b445403a9915134a89

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_91db59b651e152b445403a9915134a89
Size

306KB
MD5

91db59b651e152b445403a9915134a89
SHA1

3cab5ec1dbe93d8aaf97bcb8f19cbc4adc27a850
SHA256

ed4611e5e80d5913b2508305ee3cde8a777f0082d2dbf8e8d8d3efd66d220870
SHA512

cd5fcb3559f7cbb5fd510147405ca249f1a05846cb90a8200e270087832481cc6586f7dc0c0bad3081af48497126b9dbac71df4f81f13f908bdb48d96dad5ee5
SSDEEP

6144:U/oMmlhkgERGfNFR7wY2V2CwbGC7nX0XY1U84ZEEL/17KajQ6FXfgx:UhEPVwYwOGbXY1pclb1p82v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_91db59b651e152b445403a9915134a89

Files

JaffaCakes118_91db59b651e152b445403a9915134a89
.exe windows:4 windows x86 arch:x86

914a3d037d59be25f19b4acff071b87b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
CloseHandle
SetUnhandledExceptionFilter
WideCharToMultiByte
ReadFile
GetCurrentThreadId
CreateFileW
MapViewOfFile
GetFileSize
SetLastError
GetSystemDefaultLangID
SetFilePointer
FreeLibrary
GetLocalTime
FreeEnvironmentStringsA
GlobalMemoryStatus
HeapAlloc
ResetEvent
LeaveCriticalSection
EnterCriticalSection
SystemTimeToFileTime
DeleteCriticalSection
LocalAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetProcessHeap
GetModuleHandleW
FileTimeToSystemTime
UnmapViewOfFile
GetDiskFreeSpaceA
CreateEventW
UnhandledExceptionFilter
HeapFree
CreateFileMappingW
VirtualProtect
WaitForSingleObject
DeviceIoControl
FreeEnvironmentStringsW
VirtualFree
lstrlenA
lstrlenW
LocalFree
IsProcessorFeaturePresent
HeapCreate
VirtualAllocEx

msvcrt

wcsstr
_itow
time
_ui64tow
wcsncmp
memset
_initterm
_lock
_vsnwprintf
wcschr
srand
malloc
_onexit
_unlock
__dllonexit
_wtoi
_purecall
rand
memmove
_wcsnicmp
memcpy
_amsg_exit
_XcptFilter
free

rpcrt4

RpcStringFreeW
UuidFromStringW
I_RpcMapWin32Status
UuidToStringW

advapi32

CryptDestroyKey
CryptAcquireContextW
CryptExportKey
CryptDecrypt
CryptEncrypt
CryptDestroyHash
CryptVerifySignatureA
RegSetValueExA
RegCreateKeyExA
TraceEvent
CryptImportKey
RegQueryValueExA
CryptGenKey
CryptGetHashParam
CryptReleaseContext
CryptCreateHash
CryptSignHashA
RegCloseKey
CryptHashData

ntdll

RtlUnwind

user32

GetDC
LoadBitmapW
GetMenuInfo
MessageBeep
SetWindowLongW
WaitForInputIdle
GetSystemMetrics
GetSysColor
EnableMenuItem
DialogBoxIndirectParamA
SetWindowPos
WaitMessage
GetMenuItemInfoA
RegisterWindowMessageW
DestroyCursor

gdi32

GetTextColor

localsec

DllCanUnloadNow
DllRegisterServer

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

914a3d037d59be25f19b4acff071b87b

Headers

File Characteristics

Imports

kernel32

msvcrt

rpcrt4

advapi32

ntdll

user32

gdi32

localsec

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 268KB - Virtual size: 410KB

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 13KB - Virtual size: 38KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 268KB - Virtual size: 410KB

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 13KB - Virtual size: 38KB