JaffaCakes118_b2eca9803a9959a3bce6e5db4698d18b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b2eca9803a9959a3bce6e5db4698d18b
Size

214KB
MD5

b2eca9803a9959a3bce6e5db4698d18b
SHA1

2857f4aa440022adc3059cc4478b0c443bb615a4
SHA256

19ee78bf53506ebd23f68f046e2e285f6640820b8dd6846fca25a88c38fee8ed
SHA512

9ed47ac2d0ca210796631a28f905c5e25be6b3ad012e6e4024a07a3ccc7da88e4052fa80ef243ae0b796190af728108073f0d11d0ba6396f8ae98faef385b6ee
SSDEEP

6144:LB8CU+zRg2sK1WIae2QZx7FaaYHOuglK296r:2341+e174aYuPM28

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b2eca9803a9959a3bce6e5db4698d18b

Files

JaffaCakes118_b2eca9803a9959a3bce6e5db4698d18b
.exe windows:2 windows x86 arch:x86

4e8ce0062ec09b3b16f2a1c5b9e632cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
lstrcatW
GetModuleFileNameW
lstrlenA
GetLogicalDrives
GetModuleHandleA
GetTempPathW
CreateFileMappingA
GetAtomNameA
GetFullPathNameW
GetVersion
GetProcessHeaps
CreateEventA
GetFileAttributesA
GetCalendarInfoA
CreateEventW
GetCommandLineW
CreateNamedPipeA
SetThreadPriority
WaitForMultipleObjects
GetNumberFormatA
GetThreadLocale
GetWindowsDirectoryW
WaitForSingleObject
GetCurrentThreadId
GetVolumeInformationW
Sleep
GetProcAddress
lstrcmpA
GlobalGetAtomNameW
GetMailslotInfo
MoveFileA
GetLastError
FreeResource
GetDiskFreeSpaceW
AddAtomW
GetUserDefaultLangID
GetACP
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetExitCodeThread
SetCurrentDirectoryA
GetStringTypeA
GlobalGetAtomNameA
IsBadCodePtr

user32

GetMessageW
CharPrevW
DialogBoxIndirectParamW
DefFrameProcW
SetDlgItemTextA
mouse_event
SendDlgItemMessageW
CreateDialogParamW
EnableWindow
FlashWindow
LoadBitmapA
IsChild
SetParent
GetClassLongW
GetKeyState
GetClassNameW
EnumDesktopsW
CreatePopupMenu
CreateAcceleratorTableW
SetCapture
CopyImage
WaitMessage
LoadMenuA
UnregisterClassA
wvsprintfW
GetWindowLongA
wsprintfW
MessageBeep
RegisterClassW
EnumDesktopsW
GetWindowTextLengthA
InsertMenuItemW
SendDlgItemMessageA
EnableMenuItem
SendMessageW
FindWindowW
EmptyClipboard
GetSubMenu
InsertMenuItemA
SetWindowRgn
SetCursorPos
GetMenuInfo
GetClassLongA
keybd_event
GetWindowTextLengthW
SetWindowTextW
GetMenuItemInfoW
GetTopWindow
CharNextW
CascadeWindows

gdi32

CreateScalableFontResourceA
SetTextAlign
SetArcDirection
GetNearestPaletteIndex
GetDCBrushColor
ExtCreateRegion
GetTextExtentPointW
DescribePixelFormat
GetCharWidthFloatW
Arc
SetDIBits
GetAspectRatioFilterEx
GetTextMetricsA
GetOutlineTextMetricsA
GetDCOrgEx
UnrealizeObject
RectVisible
WidenPath
BeginPath
GetMetaFileBitsEx
GetMetaFileA
GetBitmapDimensionEx
CheckColorsInGamut
EndDoc
DeleteColorSpace
CreateMetaFileW
CopyMetaFileW

advapi32

RegCreateKeyW
RegSaveKeyW
RegQueryMultipleValuesW
RegQueryValueExW
RegCreateKeyExW
RegSaveKeyA
RegEnumValueW
RegQueryValueExA
RegQueryInfoKeyA
RegReplaceKeyW
RegOpenKeyExA

shlwapi

PathGetArgsA
SHRegQueryUSValueW
StrStrW
StrRetToStrW

ole32

CoFileTimeNow
CreateErrorInfo
CoDisconnectObject
CoGetInstanceFromFile
CoFreeLibrary

oleaut32

VarI1FromDisp
VarUI2FromUI1
VarDecMul
VarDateFromCy
VarI4FromI2
VarCyFromI1
VarDecAbs
VarDecNeg
SafeArrayCreateEx

version

VerLanguageNameW
VerFindFileW
VerQueryValueW

wininet

FtpDeleteFileA
InternetConfirmZoneCrossingA
InternetOpenA
InternetAlgIdToStringA
RunOnceUrlCache
InternetEnumPerSiteCookieDecisionW
InternetCheckConnectionA
SetUrlCacheConfigInfoW
InternetEnumPerSiteCookieDecisionA
LoadUrlCacheContent
FindNextUrlCacheEntryA
RetrieveUrlCacheEntryFileW
InternetWriteFileExA
FtpCommandA
InternetAutodialCallback
InternetFindNextFileA
InternetAutodialHangup
DetectAutoProxyUrl

winspool.drv

AddPrinterW
SetPrinterDataW

oledlg

OleUIObjectPropertiesA
OleUIEditLinksA
OleUIPromptUserW
OleUIUpdateLinksW
OleUIBusyW
OleUIEditLinksW
OleUIInsertObjectW

wsock32

GetServiceW
WSARecvEx
setsockopt
GetNameByTypeW
WSAStartup
accept
GetAcceptExSockaddrs
closesocket

Sections

.rdata
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 39KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e8ce0062ec09b3b16f2a1c5b9e632cd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

ole32

oleaut32

version

wininet

winspool.drv

oledlg

wsock32

Sections

.rdata Size: 1024B - Virtual size: 12KB

.edata Size: 1KB - Virtual size: 12KB

.edata Size: 1024B - Virtual size: 22KB

.rdata Size: 19KB - Virtual size: 19KB

.edata Size: 1KB - Virtual size: 39KB

.rdata Size: 6KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 34KB

.rdata Size: 1024B - Virtual size: 19KB

.data Size: 7KB - Virtual size: 12KB

.edata Size: 1024B - Virtual size: 19KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 12KB

.edata
Size: 1KB - Virtual size: 12KB

.edata
Size: 1024B - Virtual size: 22KB

.rdata
Size: 19KB - Virtual size: 19KB

.edata
Size: 1KB - Virtual size: 39KB

.rdata
Size: 6KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 34KB

.rdata
Size: 1024B - Virtual size: 19KB

.data
Size: 7KB - Virtual size: 12KB

.edata
Size: 1024B - Virtual size: 19KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 4KB