JaffaCakes118_cc791f71c87b8501265e929fa6535161

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_cc791f71c87b8501265e929fa6535161
Size

304KB
MD5

cc791f71c87b8501265e929fa6535161
SHA1

0ee54221135ec1eb95f5c73e00a53474d5834fa5
SHA256

65fc08724cf3e535295a11b7f2eda227887f833c88fe85a207684e9b4ac8c069
SHA512

56abf65e244bb13376e4cf873d06258b9397745259b8fc12f8acdc057a565120a3dcfba67d605ac1e11959d234c6c0f33ea665bb8cffb5632b1f5f61013ddddc
SSDEEP

6144:ftaK1iCzqRDgaE1o71bliASplR29yPhdx2h23FKBRcPsLh+0:s4iCqgN1o715BSHR29yZTFKBRx9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_cc791f71c87b8501265e929fa6535161

Files

JaffaCakes118_cc791f71c87b8501265e929fa6535161
.exe windows:4 windows x86 arch:x86

5ba67bc8f8c91df96f20e3813983b9d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSCWriteProviderOrder
WSCDeinstallProvider
WSAStartup
WSCGetProviderPath
WSCEnumProtocols
WSACleanup
WSCInstallProvider

advapi32

SetSecurityDescriptorDacl
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
InitializeSecurityDescriptor

rpcrt4

UuidCreate

ole32

StringFromGUID2

kernel32

SetStdHandle
WriteFile
VirtualAlloc
GetOEMCP
WideCharToMultiByte
IsValidCodePage
SetHandleCount
SetFilePointer
TlsAlloc
GetModuleHandleA
UnhandledExceptionFilter
IsValidLocale
DeleteCriticalSection
GetUserDefaultLCID
WriteConsoleW
TlsGetValue
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsA
SetEndOfFile
FlushFileBuffers
CreateFileA
TlsFree
EnterCriticalSection
FreeEnvironmentStringsW
GetSystemTime
WriteConsoleA
RtlUnwind
LCMapStringA
GetACP
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetCommandLineA
VirtualFree
IsDebuggerPresent
HeapReAlloc
LCMapStringW
HeapFree
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
HeapDestroy
EnumSystemLocalesA
GetTimeFormatA
TlsSetValue
ReadFile
GetConsoleCP
GetSystemTimeAsFileTime
GetProcessHeap
GetSystemDirectoryA
FreeLibrary
HeapAlloc
FreeEnvironmentStringsA
CloseHandle
GetModuleHandleW
HeapSize
GetTempPathA
LeaveCriticalSection
GetCurrentThreadId
GetConsoleOutputCP
SetLastError
RaiseException
GetConsoleMode
GetCurrentProcess

cmutil

CmAtolA
CmLoadImageW
CmStrTrimW
CmLoadIconW
CmRealloc
WzToSzWithAlloc
CmLoadIconA

kbdsg

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ba67bc8f8c91df96f20e3813983b9d3

Headers

File Characteristics

Imports

ws2_32

advapi32

rpcrt4

ole32

kernel32

cmutil

kbdsg

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 280KB - Virtual size: 1.0MB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 280KB - Virtual size: 1.0MB

.rsrc
Size: 512B - Virtual size: 4KB