JaffaCakes118_b1376dedf4656d123bfdba2445646d38

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b1376dedf4656d123bfdba2445646d38
Size

282KB
MD5

b1376dedf4656d123bfdba2445646d38
SHA1

c91a66a2a03e6673009339120971476798336bde
SHA256

9dece57c7d9b4da22a2b83abb00126568e266de4a9c9b1d0c16bde03e59b65fe
SHA512

87a7b40019a7ab8d43a8966a301d4625355da6936ccdddbd0c6678c650d1a849b59194c82267b2bdcf3ce60daed8e4371dba36dd1d5c9414e1e05a7ddfe77252
SSDEEP

6144:EdG/OyRuNyDGnwnicZO7T3Lo7GvcgzEQpA9:R7mCGEiSA7JvXQq0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b1376dedf4656d123bfdba2445646d38

Files

JaffaCakes118_b1376dedf4656d123bfdba2445646d38
.exe windows:4 windows x86 arch:x86

a07d17e02a2b08cfcc74dfb8f9a77898

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessImageFileNameW

ole32

CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
CoTaskMemRealloc

comctl32

InitCommonControlsEx

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW

iphlpapi

GetInterfaceInfo
FlushIpNetTable
IpRenewAddress
IpReleaseAddress

kernel32

RaiseException
GetDiskFreeSpaceExW
GlobalAlloc
SetLastError
CreateFileA
DeleteCriticalSection
FindFirstChangeNotificationW
LoadLibraryExW
GetModuleHandleW
RemoveDirectoryW
HeapReAlloc
CloseHandle
UnhandledExceptionFilter
GetSystemTime
FindCloseChangeNotification
GetThreadContext
ProcessIdToSessionId
DosDateTimeToFileTime
HeapSize
lstrlenA
GetTempPathW
CopyFileW
GlobalLock
GetUserDefaultLCID
FindFirstFileW
ExpandEnvironmentStringsW
LoadResource
WideCharToMultiByte
GetTimeFormatW
WaitForSingleObject
CreateProcessW
lstrlenW
GetProcessHeap
SetUnhandledExceptionFilter
OpenThread
lstrcmpiW
ReadFile
SystemTimeToFileTime
GetPrivateProfileStringW
SuspendThread
FreeLibrary
GetFileAttributesExW
DisableThreadLibraryCalls
CreateDirectoryW
FormatMessageW
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
SetFileAttributesW
GetFileSize
HeapDestroy
LocalAlloc
SetFileTime
SizeofResource
FindResourceExW
FindNextFileW
LocalFree
IsDebuggerPresent
GetSystemInfo
ResumeThread
LocalFileTimeToFileTime
GlobalMemoryStatusEx
GetDateFormatW
FindNextChangeNotification
LeaveCriticalSection
LockResource
MulDiv
FileTimeToSystemTime
OpenProcess
GetCommandLineW
DeleteFileW
WTSGetActiveConsoleSessionId
MoveFileW
HeapFree
HeapAlloc
FindResourceW
GetSystemTimeAsFileTime
SetFileAttributesA
GetFileSizeEx
EnterCriticalSection
GlobalFree
GetSystemDefaultLCID
CreateFileW
FindClose
GlobalUnlock
GetCurrentThreadId
CreateThread
VirtualAllocEx

gdi32

GetDeviceCaps

user32

DestroyWindow
OpenClipboard
SetClipboardData
EmptyClipboard
IsIconic
CloseClipboard
PeekMessageW
FindWindowExW
SystemParametersInfoW
SetWindowPos
SetForegroundWindow
ReleaseDC
CharNextW
DefWindowProcW
GetSystemMetrics
GetWindowLongW
GetDC
ShowWindow
LoadIconW
MessageBoxW

oleaut32

SysAllocString
SysStringLen
VariantInit
VarUI4FromStr
VariantClear
SysAllocStringLen
SysFreeString

dbghelp

MakeSureDirectoryPathExists
ExtensionApiVersion
SymGetModuleInfo
vc7fpo
GetTimestampForLoadedLibrary
SymFromName
WinDbgExtensionDllInit
SymUnDName

kbdhe

KbdLayerDescriptor

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lwykNE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MFWAaEn
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ftGiaJ
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Vpjpu
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tfhRBe
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RrtqNp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YjnSD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AGWgpJ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lbarjCC
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AzLvR
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a07d17e02a2b08cfcc74dfb8f9a77898

Headers

File Characteristics

Imports

psapi

ole32

comctl32

rpcrt4

iphlpapi

kernel32

gdi32

user32

oleaut32

dbghelp

kbdhe

Sections

.text Size: 87KB - Virtual size: 86KB

.lwykNE Size: 3KB - Virtual size: 2KB

.MFWAaEn Size: 2KB - Virtual size: 1KB

.ftGiaJ Size: 1024B - Virtual size: 856B

.Vpjpu Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 229KB

.tfhRBe Size: 3KB - Virtual size: 2KB

.RrtqNp Size: 4KB - Virtual size: 4KB

.rdata Size: 139KB - Virtual size: 138KB

.YjnSD Size: 1KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 17KB

.AGWgpJ Size: 4KB - Virtual size: 4KB

.lbarjCC Size: 3KB - Virtual size: 2KB

.AzLvR Size: 4KB - Virtual size: 3KB

.text
Size: 87KB - Virtual size: 86KB

.lwykNE
Size: 3KB - Virtual size: 2KB

.MFWAaEn
Size: 2KB - Virtual size: 1KB

.ftGiaJ
Size: 1024B - Virtual size: 856B

.Vpjpu
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 229KB

.tfhRBe
Size: 3KB - Virtual size: 2KB

.RrtqNp
Size: 4KB - Virtual size: 4KB

.rdata
Size: 139KB - Virtual size: 138KB

.YjnSD
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 17KB

.AGWgpJ
Size: 4KB - Virtual size: 4KB

.lbarjCC
Size: 3KB - Virtual size: 2KB

.AzLvR
Size: 4KB - Virtual size: 3KB