JaffaCakes118_db1234c9e1bd719b9b9f6cacf22aa347

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_db1234c9e1bd719b9b9f6cacf22aa347
Size

282KB
MD5

db1234c9e1bd719b9b9f6cacf22aa347
SHA1

c47530e7c37dc8cf90dd34cddab059034561f234
SHA256

b737cac40e54d5ae8a6acc40ad56529f56701d51d890ea82d95a9a74164559a3
SHA512

e2402263dfefc98ced7a8ee68f6b638295ebed3b6f9b30a7eb7bc8d7ce8b61713c83b42beb59b55f1605d46175cec56624122d7095fcea0c08425b11d439514b
SSDEEP

6144:ldG/OyRuNyDGnwnicZO7T3Lo7GvcgzEQpA9:e7mCGEiSA7JvXQq0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_db1234c9e1bd719b9b9f6cacf22aa347

Files

JaffaCakes118_db1234c9e1bd719b9b9f6cacf22aa347
.exe windows:4 windows x86 arch:x86

a07d17e02a2b08cfcc74dfb8f9a77898

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessImageFileNameW

ole32

CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
CoTaskMemRealloc

comctl32

InitCommonControlsEx

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW

iphlpapi

GetInterfaceInfo
FlushIpNetTable
IpRenewAddress
IpReleaseAddress

kernel32

RaiseException
GetDiskFreeSpaceExW
GlobalAlloc
SetLastError
CreateFileA
DeleteCriticalSection
FindFirstChangeNotificationW
LoadLibraryExW
GetModuleHandleW
RemoveDirectoryW
HeapReAlloc
CloseHandle
UnhandledExceptionFilter
GetSystemTime
FindCloseChangeNotification
GetThreadContext
ProcessIdToSessionId
DosDateTimeToFileTime
HeapSize
lstrlenA
GetTempPathW
CopyFileW
GlobalLock
GetUserDefaultLCID
FindFirstFileW
ExpandEnvironmentStringsW
LoadResource
WideCharToMultiByte
GetTimeFormatW
WaitForSingleObject
CreateProcessW
lstrlenW
GetProcessHeap
SetUnhandledExceptionFilter
OpenThread
lstrcmpiW
ReadFile
SystemTimeToFileTime
GetPrivateProfileStringW
SuspendThread
FreeLibrary
GetFileAttributesExW
DisableThreadLibraryCalls
CreateDirectoryW
FormatMessageW
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
SetFileAttributesW
GetFileSize
HeapDestroy
LocalAlloc
SetFileTime
SizeofResource
FindResourceExW
FindNextFileW
LocalFree
IsDebuggerPresent
GetSystemInfo
ResumeThread
LocalFileTimeToFileTime
GlobalMemoryStatusEx
GetDateFormatW
FindNextChangeNotification
LeaveCriticalSection
LockResource
MulDiv
FileTimeToSystemTime
OpenProcess
GetCommandLineW
DeleteFileW
WTSGetActiveConsoleSessionId
MoveFileW
HeapFree
HeapAlloc
FindResourceW
GetSystemTimeAsFileTime
SetFileAttributesA
GetFileSizeEx
EnterCriticalSection
GlobalFree
GetSystemDefaultLCID
CreateFileW
FindClose
GlobalUnlock
GetCurrentThreadId
CreateThread
VirtualAllocEx

gdi32

GetDeviceCaps

user32

DestroyWindow
OpenClipboard
SetClipboardData
EmptyClipboard
IsIconic
CloseClipboard
PeekMessageW
FindWindowExW
SystemParametersInfoW
SetWindowPos
SetForegroundWindow
ReleaseDC
CharNextW
DefWindowProcW
GetSystemMetrics
GetWindowLongW
GetDC
ShowWindow
LoadIconW
MessageBoxW

oleaut32

SysAllocString
SysStringLen
VariantInit
VarUI4FromStr
VariantClear
SysAllocStringLen
SysFreeString

dbghelp

MakeSureDirectoryPathExists
ExtensionApiVersion
SymGetModuleInfo
vc7fpo
GetTimestampForLoadedLibrary
SymFromName
WinDbgExtensionDllInit
SymUnDName

kbdhe

KbdLayerDescriptor

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lwykNE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MFWAaEn
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ftGiaJ
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Vpjpu
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tfhRBe
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RrtqNp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YjnSD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AGWgpJ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lbarjCC
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AzLvR
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a07d17e02a2b08cfcc74dfb8f9a77898

Headers

File Characteristics

Imports

psapi

ole32

comctl32

rpcrt4

iphlpapi

kernel32

gdi32

user32

oleaut32

dbghelp

kbdhe

Sections

.text Size: 87KB - Virtual size: 86KB

.lwykNE Size: 3KB - Virtual size: 2KB

.MFWAaEn Size: 2KB - Virtual size: 1KB

.ftGiaJ Size: 1024B - Virtual size: 856B

.Vpjpu Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 229KB

.tfhRBe Size: 3KB - Virtual size: 2KB

.RrtqNp Size: 4KB - Virtual size: 4KB

.rdata Size: 139KB - Virtual size: 138KB

.YjnSD Size: 1KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 17KB

.AGWgpJ Size: 4KB - Virtual size: 4KB

.lbarjCC Size: 3KB - Virtual size: 2KB

.AzLvR Size: 4KB - Virtual size: 3KB

.text
Size: 87KB - Virtual size: 86KB

.lwykNE
Size: 3KB - Virtual size: 2KB

.MFWAaEn
Size: 2KB - Virtual size: 1KB

.ftGiaJ
Size: 1024B - Virtual size: 856B

.Vpjpu
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 229KB

.tfhRBe
Size: 3KB - Virtual size: 2KB

.RrtqNp
Size: 4KB - Virtual size: 4KB

.rdata
Size: 139KB - Virtual size: 138KB

.YjnSD
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 17KB

.AGWgpJ
Size: 4KB - Virtual size: 4KB

.lbarjCC
Size: 3KB - Virtual size: 2KB

.AzLvR
Size: 4KB - Virtual size: 3KB