JaffaCakes118_d58fe98d258a0791c48848f6f51dbeb1

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_d58fe98d258a0791c48848f6f51dbeb1
Size

257KB
MD5

d58fe98d258a0791c48848f6f51dbeb1
SHA1

88f60be180daefb70a33e9094542058c413bb355
SHA256

810608acd19439137e88cc7411635bf63062ac4a0d25904c84fe3c9d59c321a3
SHA512

41898eb87fe616f9ace6940f4027a76f6c0ff0ee77b4246bd57db778aeacd4fc8fbe2d759af8e2dc2d5ed9b613d52cb601bc9ba9939db7ca59eb3cbb491edee1
SSDEEP

6144:S0g2ZiMlB4pBS1Xi42FnJuCa3NzKPtsCV6UsDFooE3:3g2ZiMHeGybHxttsMcq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_d58fe98d258a0791c48848f6f51dbeb1

Files

JaffaCakes118_d58fe98d258a0791c48848f6f51dbeb1
.exe windows:4 windows x86 arch:x86

db335b8243a5a53df4f93ee7223e5ed7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharLowerW
ExitWindowsEx
wsprintfA
CharUpperA
OemToCharBuffA
GetSystemMetrics
CharLowerA
CharUpperW
CharToOemBuffA

advapi32

OpenProcessToken
LookupAccountSidA
AllocateAndInitializeSid
LookupPrivilegeValueA
SetSecurityDescriptorDacl
DuplicateToken
AdjustTokenPrivileges
InitializeAcl
GetUserNameA
ImpersonateLoggedOnUser
FreeSid
DuplicateTokenEx
RevertToSelf
SetSecurityDescriptorSacl
CopySid
GetLengthSid
SetThreadToken
InitializeSecurityDescriptor
AddAccessAllowedAce
OpenThreadToken
GetTokenInformation
EqualSid

shlwapi

PathUnExpandEnvStringsA
PathUnExpandEnvStringsW
PathIsRootA
StrStrNW
PathSearchAndQualifyW
PathFindExtensionW
PathIsPrefixA
PathUnmakeSystemFolderW
PathRemoveBlanksA
PathIsUNCServerA
StrRStrIA
SHQueryInfoKeyW
PathAppendW
SHRegWriteUSValueW
DllGetVersion
UrlIsA
PathGetCharTypeW
StrCmpNW
PathRemoveBlanksW
UrlHashA
SHRegCloseUSKey
PathSearchAndQualifyA
SHSkipJunction
PathCommonPrefixA
StrCatChainW
PathIsSameRootA
UrlIsW
SHDeleteKeyA
SHIsLowMemoryMachine
StrRChrIA
StrToIntA
StrChrNW
PathBuildRootA
PathFindSuffixArrayW
StrCSpnA
UrlEscapeA
PathCommonPrefixW
StrFormatKBSizeA
ColorRGBToHLS

kernel32

WaitForSingleObjectEx
SetUnhandledExceptionFilter
CreateMutexA
ResetEvent
ReleaseSemaphore
OutputDebugStringA
lstrcpyW
HeapReAlloc
GetModuleHandleW
GetWindowsDirectoryA
GlobalMemoryStatus
UnhandledExceptionFilter
EnterCriticalSection
HeapAlloc
HeapFree
GetSystemDirectoryA
GetSystemTimeAsFileTime
SleepEx
QueryPerformanceFrequency
SetErrorMode
IsDebuggerPresent
OpenMutexA
ReleaseMutex
LeaveCriticalSection
VirtualUnlock
ExpandEnvironmentStringsW
GetSystemInfo
OpenProcess
VirtualProtect
HeapDestroy
CloseHandle
GetCurrentThreadId
HeapValidate
CreateSemaphoreW
OpenEventA
GetProcessHeap
ExpandEnvironmentStringsA
VirtualLock
CreateSemaphoreA
GetTempFileNameA
DeleteCriticalSection
VirtualAlloc
FreeLibrary
CreateEventA
PulseEvent
HeapSize
lstrcpyA
VirtualFree
WaitForSingleObject
WideCharToMultiByte
GetTempPathA
GetModuleHandleA
OpenSemaphoreA
GlobalMemoryStatusEx
GetStartupInfoW
VirtualAllocEx

tapi3

DllCanUnloadNow

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UOxl
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GQKuR
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rebu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lCAnT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gZuLycI
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dmItC
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LEKyy
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db335b8243a5a53df4f93ee7223e5ed7

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

shlwapi

kernel32

tapi3

Sections

.text Size: 18KB - Virtual size: 17KB

.UOxl Size: 2KB - Virtual size: 2KB

.GQKuR Size: 3KB - Virtual size: 2KB

.rebu Size: 1KB - Virtual size: 1KB

.lCAnT Size: 3KB - Virtual size: 2KB

.rdata Size: 209KB - Virtual size: 208KB

.gZuLycI Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 284KB

.rsrc Size: 4KB - Virtual size: 3KB

.dmItC Size: 2KB - Virtual size: 2KB

.LEKyy Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.UOxl
Size: 2KB - Virtual size: 2KB

.GQKuR
Size: 3KB - Virtual size: 2KB

.rebu
Size: 1KB - Virtual size: 1KB

.lCAnT
Size: 3KB - Virtual size: 2KB

.rdata
Size: 209KB - Virtual size: 208KB

.gZuLycI
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 284KB

.rsrc
Size: 4KB - Virtual size: 3KB

.dmItC
Size: 2KB - Virtual size: 2KB

.LEKyy
Size: 2KB - Virtual size: 1KB