JaffaCakes118_fc19a219733765e910cd614e4753e866

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_fc19a219733765e910cd614e4753e866
Size

262KB
MD5

fc19a219733765e910cd614e4753e866
SHA1

d31ba12e4b2934417a2190a8d58f84a70a08b5ce
SHA256

39aa2388d366afacaa020151fc6c50127a0fa989cd784f9d293725ee9764bdb8
SHA512

4a8fbcc8236c3824e6300e5c09bdad092630288591637b1db2221d9817dd68c25211f72a6648e6a2198c806cca3f342969f2ae91b5ff72e90676369a49686b28
SSDEEP

6144:BfEzDFVbKPFzX86msiQVeFWkKdG+FXzudXHbbR:BfuDFxCFDxmsiQAFWk2XydXHbV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_fc19a219733765e910cd614e4753e866

Files

JaffaCakes118_fc19a219733765e910cd614e4753e866
.exe windows:4 windows x86 arch:x86

c887cacbdbacd643c2673991bfef6200

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayCopy
LoadTypeLi
SafeArrayDestroy
SafeArrayUnlock
SafeArrayGetVartype
SafeArrayGetUBound
VariantCopyInd
SafeArrayRedim
SafeArrayGetLBound
VarBstrCmp
VariantInit
SafeArrayLock
SafeArrayCreate
VariantClear
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
VarBstrCat
SysStringLen
VariantCopy
SysFreeString
SysAllocString
SysAllocStringLen

kernel32

HeapFree
RaiseException
SetLastError
GetThreadLocale
HeapReAlloc
FindVolumeMountPointClose
HeapDestroy
LeaveCriticalSection
GetLogicalDrives
GetLogicalDriveStringsW
GetACP
FindFirstVolumeMountPointW
CloseHandle
FormatMessageW
HeapSize
QueryDosDeviceW
SetThreadLocale
GetModuleHandleW
GetVolumeNameForVolumeMountPointW
GetDriveTypeW
IsDebuggerPresent
DeleteCriticalSection
GetCurrentThreadId
GetSystemTimeAsFileTime
HeapAlloc
FindNextVolumeMountPointW
SetUnhandledExceptionFilter
lstrlenW
GetProcessHeap
UnhandledExceptionFilter
ExpandEnvironmentStringsW
EnterCriticalSection
GetFullPathNameW
VirtualAlloc

userenv

UnloadUserProfile

ole32

CoGetCallContext
CoCreateInstance
CoRevertToSelf
CoImpersonateClient

shlwapi

StrRetToStrW

user32

CharUpperBuffW
UnregisterClassA
wsprintfW

shell32

SHGetMalloc
SHGetDesktopFolder

advapi32

GetTokenInformation
EqualSid
IsValidSid
CopySid
RegOpenKeyExW
OpenThreadToken
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
GetLengthSid
RegQueryInfoKeyW
OpenProcessToken
RegEnumValueW

iassvcs

IASUninitialize
IASSetMaxNumberOfThreads
IASAdler32

version

VerLanguageNameW

Sections

.sNod
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_MEM_READ

.QrJp
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_MEM_READ

.RZDufI
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_MEM_READ

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TCuZ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YyNjVhV
Size: 1024B - Virtual size: 729B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QZik
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GUeCn
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lqraHT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Nnyonit
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JhOS
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UMdwDwW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c887cacbdbacd643c2673991bfef6200

Headers

File Characteristics

Imports

oleaut32

kernel32

userenv

ole32

shlwapi

user32

shell32

advapi32

iassvcs

version

Sections

.sNod Size: 1024B - Virtual size: 19KB

.QrJp Size: 3KB - Virtual size: 31KB

.RZDufI Size: 1KB - Virtual size: 34KB

.text Size: 17KB - Virtual size: 16KB

.TCuZ Size: 3KB - Virtual size: 2KB

.YyNjVhV Size: 1024B - Virtual size: 729B

.QZik Size: 2KB - Virtual size: 2KB

.GUeCn Size: 2KB - Virtual size: 2KB

.lqraHT Size: 3KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 59KB

.Nnyonit Size: 2KB - Virtual size: 2KB

.rdata Size: 208KB - Virtual size: 207KB

.JhOS Size: 2KB - Virtual size: 2KB

.UMdwDwW Size: 3KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.sNod
Size: 1024B - Virtual size: 19KB

.QrJp
Size: 3KB - Virtual size: 31KB

.RZDufI
Size: 1KB - Virtual size: 34KB

.text
Size: 17KB - Virtual size: 16KB

.TCuZ
Size: 3KB - Virtual size: 2KB

.YyNjVhV
Size: 1024B - Virtual size: 729B

.QZik
Size: 2KB - Virtual size: 2KB

.GUeCn
Size: 2KB - Virtual size: 2KB

.lqraHT
Size: 3KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 59KB

.Nnyonit
Size: 2KB - Virtual size: 2KB

.rdata
Size: 208KB - Virtual size: 207KB

.JhOS
Size: 2KB - Virtual size: 2KB

.UMdwDwW
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB