JaffaCakes118_b49de587025cc098863123ce1f150954

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b49de587025cc098863123ce1f150954
Size

329KB
MD5

b49de587025cc098863123ce1f150954
SHA1

c6a2398cc82877969e8cab7c8d2f00dad783596e
SHA256

4e3ef113032c6f2b824cde88a07789544cc906ef739ac4d4198e2ab29aebab96
SHA512

86c0fd41c7dd266208ff597cd8c75f9c21eb4a974cd823ca9d7a744eed9c0cc188b5348ea3ff752b809ab1b54db237f59c2500c4b1f92d10e488e5e01ae4c253
SSDEEP

6144:VOYFNgBAY0IMFk90MQ0gQXcDVx4w5XrT9nwYSPn9:VOiZFn2w4Ch49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b49de587025cc098863123ce1f150954

Files

JaffaCakes118_b49de587025cc098863123ce1f150954
.exe windows:5 windows x86 arch:x86

02e54fd60a714fb0db04147d2bb342c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
SetForegroundWindow
DestroyIcon
ScreenToClient
SendMessageA
PostMessageA
SendMessageW
RegisterClipboardFormatW
DrawTextW
EndPaint
GetDC
FindWindowExW
CharPrevA
InflateRect
GetSystemMetrics
ReleaseDC
CharUpperA

gdi32

BitBlt
SaveDC
RestoreDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
DeleteDC

kernel32

GetACP
HeapFree
LeaveCriticalSection
GetModuleHandleA
lstrcmpiA
FileTimeToSystemTime
CloseHandle
EnterCriticalSection
FreeLibrary
GetShortPathNameA
GetProcessHeap
CreateFileA
lstrcpynA
GetSystemTime
GetFileInformationByHandle
WaitForSingleObject
CreateMutexA
GlobalAlloc
ReleaseMutex
lstrlenA
WideCharToMultiByte
FormatMessageA
LocalFree
DeleteCriticalSection
GetCommandLineW
GlobalFree
LoadLibraryExA
HeapAlloc
TlsAlloc
VirtualAllocEx

shlwapi

PathRemoveFileSpecA

advapi32

ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RevertToSelf

shell32

SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoA
ShellExecuteA

oleaut32

SysAllocStringByteLen
SysFreeString

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wsock32

ntohs

ole32

IsEqualGUID
CoCreateInstance
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_SetDragCursorImage
CreateUpDownControl
ImageList_Copy
ImageList_SetOverlayImage
ImageList_Duplicate
FlatSB_ShowScrollBar

dsdmo

DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 305KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02e54fd60a714fb0db04147d2bb342c4

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shlwapi

advapi32

shell32

oleaut32

version

wsock32

ole32

comctl32

dsdmo

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 305KB - Virtual size: 780KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 305KB - Virtual size: 780KB

.rsrc
Size: 3KB - Virtual size: 3KB