Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_c59b6bc8e310ed57d7df235afb9aafae.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
JaffaCakes118_c59b6bc8e310ed57d7df235afb9aafae.exe
Resource
win10v2004-20250207-en
General
Target
JaffaCakes118_c59b6bc8e310ed57d7df235afb9aafae
Size
268KB
MD5
c59b6bc8e310ed57d7df235afb9aafae
SHA1
1048ba3f7d0efb4444bc366a24c5d897d6299f42
SHA256
b2ba03ba93532056af939bdf29d138c2220fda8d5e1fdef86b6f04698cf5330e
SHA512
116e6a8a45cc5e531369ab531cad3a5cbfce9358b8e5756da405e8630f71b2ab073082de211eea2d87f5610cf3ab37c237cddc9de99f7c5011983af617f4654e
SSDEEP
6144:XRkn+alqMqDoV0L29KQWFte1RfUuSDe+ArH:XRg+allJ0LcKNyR3SM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_c59b6bc8e310ed57d7df235afb9aafae
Files
JaffaCakes118_c59b6bc8e310ed57d7df235afb9aafae.exe windows:4 windows x86 arch:x86
6557903e39eb0fff6caac64e75d141e1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
iphlpapi
GetAdaptersInfo
kernel32
GetACP
GetThreadLocale
RaiseException
CompareFileTime
WaitForSingleObject
GetModuleHandleA
lstrlenW
lstrlenA
FreeLibrary
MoveFileA
GetWindowsDirectoryA
CreateEventA
CopyFileExA
GetSystemDirectoryA
CreateDirectoryA
GetThreadPriority
GetCurrentThreadId
GetLocalTime
GetCurrentDirectoryA
CreateMutexA
lstrcpynA
GetShortPathNameA
lstrcmpiA
LocalFree
CopyFileA
FileTimeToSystemTime
RemoveDirectoryA
SystemTimeToFileTime
IsValidCodePage
IsBadCodePtr
IsValidLocale
GetUserDefaultLCID
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
GetSystemInfo
GetProcAddress
user32
CharPrevA
PostMessageA
MessageBoxA
CharUpperA
GetSystemMetrics
advapi32
IsTextUnicode
ImpersonateLoggedOnUser
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ole32
CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance
oleaut32
SysFreeString
VariantClear
SysAllocStringByteLen
SysAllocString
shlwapi
PathFileExistsA
PathRemoveFileSpecA
cryptui
CryptUIDlgSelectCA
CryptUIDlgViewContext
CryptUIWizQueryCertRequestNoDS
CryptUIDlgViewCertificateW
CryptUIGetViewSignaturesPagesW
CryptUIDlgSelectCertificateW
msident
DllCanUnloadNow
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.Y Size: 4KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MoKn Size: 2KB - Virtual size: 234KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fFqpwT Size: 512B - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.SD Size: 3KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.LdU Size: 116KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.FUMIG Size: 1024B - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.a Size: 2KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.f Size: 1024B - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ANRgVD Size: 97KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bi Size: 3KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ