JaffaCakes118_b7f8022634a60fed4dbbb6713fadb70d

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_b7f8022634a60fed4dbbb6713fadb70d
Size

280KB
MD5

b7f8022634a60fed4dbbb6713fadb70d
SHA1

df16a0e9a051fc0a675db3b4469c3a2397531b69
SHA256

26c61699a79c4be5d8e6c4b6ffe975062d87982c1c15402dbf353a4a0293f296
SHA512

5c0d57934a8f4eb770c13783c4176233bde8c9fb76bdab199ee2e901adf72b0636703f77cd5fe067c88fe1a436dca363f633b16eb26ad00b3ea6d2ce16d68a8f
SSDEEP

6144:A19B1gfz34hpc+IGqhn3fnMrttUcOBUY6ex0Pf7ZRuu/M1az1pc1MOeP86N3:Afgfz3spc+evnutUHM3H7ZRKaZLrhN3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b7f8022634a60fed4dbbb6713fadb70d

Files

JaffaCakes118_b7f8022634a60fed4dbbb6713fadb70d
.exe windows:4 windows x86 arch:x86

64ee46d29c31d814916b8bd6a5e984e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetSystemTimeAsFileTime
CopyFileW
CopyFileA
lstrcpyA
CreateFileW
FileTimeToSystemTime
GetModuleHandleA
GetACP
FindNextFileA
CloseHandle
SizeofResource
SetErrorMode
QueueUserWorkItem
GlobalFindAtomA
GetDriveTypeA
WideCharToMultiByte
WaitForMultipleObjects
DeleteFileA
DeviceIoControl
GetFileTime
FindFirstFileW
GetFullPathNameA
SetUnhandledExceptionFilter
GetOverlappedResult
SetThreadLocale
LeaveCriticalSection
CancelIo
lstrcpynA
GlobalAddAtomA
GetShortPathNameW
GetPrivateProfileStringA
GetSystemDefaultLCID
CreateThread
ReleaseMutex
GetSystemInfo
SetFileAttributesA
GetPrivateProfileStringW
WaitForSingleObject
GetShortPathNameA
CreateEventA
GetSystemDirectoryA
CreateMutexA
FindClose
GetThreadLocale
DeleteCriticalSection
GetCurrentThreadId
SetFileTime
ReadFile
GetVolumeInformationA
IsDebuggerPresent
SetEndOfFile
EnterCriticalSection
SetLastError
CreateFileA
HeapAlloc
UnhandledExceptionFilter
SetFileAttributesW
SetFilePointer
lstrlenW
FindFirstFileA
WriteFile
SetVolumeLabelA
GetProcessHeap
lstrcmpiA
lstrlenA
DeleteFileW
FindResourceA
VirtualAllocEx

ws2_32

ntohl
inet_ntoa

rpcrt4

UuidCreate

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

advapi32

RegQueryValueExW
GetSecurityDescriptorLength
RegEnumKeyExA
DeleteService
GetSecurityDescriptorSacl
RegDeleteValueW
ControlService
GetSecurityDescriptorDacl
AdjustTokenPrivileges
RegDeleteValueA
RegDeleteKeyA
QueryServiceStatus
IsValidSid
CreateServiceW
CloseServiceHandle
RegOpenKeyExA
LookupPrivilegeValueA
OpenServiceA
GetSecurityDescriptorOwner
OpenProcessToken
StartServiceA
RegSetValueExA
RegCreateKeyExA
RegCreateKeyExW
IsValidAcl
GetUserNameW
GetKernelObjectSecurity
RegQueryValueExA
QueryServiceConfigA
RegCloseKey
ChangeServiceConfigA
GetSecurityDescriptorControl
RegEnumValueA
GetSecurityDescriptorGroup
OpenSCManagerA
IsValidSecurityDescriptor
SetKernelObjectSecurity
RegSetValueExW

user32

OemToCharA
wsprintfA
CharToOemA
LoadStringW

iphlpapi

GetIpAddrTable
GetIfEntry

iassvcs

IASUninitialize
IASVariantChangeType
DllGetClassObject

modemui

drvSetDefaultCommConfigA

Sections

.XiBeX
Size: 2KB - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.BgxtpK
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_MEM_READ

.rfpXv
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_MEM_READ

.kfKS
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PoMAUbO
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bujIn
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JGXtF
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWYSfm
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ONNld
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rlyYU
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PcMrrP
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ytbrUR
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ee46d29c31d814916b8bd6a5e984e0

Headers

File Characteristics

Imports

kernel32

ws2_32

rpcrt4

version

advapi32

user32

iphlpapi

iassvcs

modemui

Sections

.XiBeX Size: 2KB - Virtual size: 33KB

.BgxtpK Size: 1024B - Virtual size: 33KB

.rfpXv Size: 1024B - Virtual size: 22KB

.kfKS Size: 3KB - Virtual size: 21KB

.text Size: 19KB - Virtual size: 19KB

.PoMAUbO Size: 512B - Virtual size: 160B

.bujIn Size: 1KB - Virtual size: 1KB

.JGXtF Size: 3KB - Virtual size: 2KB

.UWYSfm Size: 2KB - Virtual size: 1KB

.ONNld Size: 3KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 243KB

.rlyYU Size: 3KB - Virtual size: 2KB

.rdata Size: 209KB - Virtual size: 208KB

.PcMrrP Size: 3KB - Virtual size: 2KB

.ytbrUR Size: 2KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 17KB

.XiBeX
Size: 2KB - Virtual size: 33KB

.BgxtpK
Size: 1024B - Virtual size: 33KB

.rfpXv
Size: 1024B - Virtual size: 22KB

.kfKS
Size: 3KB - Virtual size: 21KB

.text
Size: 19KB - Virtual size: 19KB

.PoMAUbO
Size: 512B - Virtual size: 160B

.bujIn
Size: 1KB - Virtual size: 1KB

.JGXtF
Size: 3KB - Virtual size: 2KB

.UWYSfm
Size: 2KB - Virtual size: 1KB

.ONNld
Size: 3KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 243KB

.rlyYU
Size: 3KB - Virtual size: 2KB

.rdata
Size: 209KB - Virtual size: 208KB

.PcMrrP
Size: 3KB - Virtual size: 2KB

.ytbrUR
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 17KB