JaffaCakes118_04b64f16fd1d5416d095b5173ec95050

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_04b64f16fd1d5416d095b5173ec95050
Size

307KB
MD5

04b64f16fd1d5416d095b5173ec95050
SHA1

a457c4fef8fa328d29067eee6a1c5c841650fdf2
SHA256

98f5f4784c9f7b668c9bd2cef3f802324e9a6b896b11457b484040dfd1bb26ed
SHA512

5c6591ab485857710f4aeae160260e04f246dc3bce64f1f72c4125216caf51d55cfaad4ddfe48341bb1a4fe0e51aab98b7eaf99ac60c11458b0d8aec0ca9e984
SSDEEP

6144:V37k7vL3JO5O5RcBQHUhndpvARzQqZrVBnziQMOo4Za0zrDXpED9b:V3ovZO4RcBQ2v6Mir3uQMORaOrQ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_04b64f16fd1d5416d095b5173ec95050

Files

JaffaCakes118_04b64f16fd1d5416d095b5173ec95050
.exe windows:4 windows x86 arch:x86

7d39e0eeb69fc210143ca9c7b511340c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringByteLen
CreateErrorInfo
SysAllocStringByteLen
SafeArrayLock
SafeArrayGetVartype
VariantInit
VarUI4FromStr
RegisterTypeLi
SysAllocStringLen
VariantChangeType
SafeArrayCreate
LoadTypeLi
SafeArrayRedim
SafeArrayGetUBound
VariantClear
VariantCopyInd
VariantCopy
LoadRegTypeLi
SafeArrayDestroy
SysAllocString
SetErrorInfo
SysFreeString
SysStringLen
GetErrorInfo
SafeArrayCopy
SafeArrayGetLBound
UnRegisterTypeLi
SafeArrayUnlock

kernel32

CreateFileW
lstrlenW
VerSetConditionMask
lstrlenA
IsValidLocale
GetVolumeNameForVolumeMountPointW
FreeEnvironmentStringsA
FindResourceW
GetCurrentThreadId
GetConsoleCP
WriteConsoleW
GetDriveTypeW
EnumSystemLocalesA
HeapReAlloc
WaitForMultipleObjects
FreeEnvironmentStringsW
SetProcessWorkingSetSize
GetExitCodeThread
SetConsoleCtrlHandler
GetCommandLineW
SetWaitableTimer
IsDebuggerPresent
LocalFree
GetOEMCP
TlsGetValue
GetProcessHeap
RaiseException
WaitForSingleObject
lstrcmpiW
DeleteCriticalSection
HeapAlloc
GetFileType
LCMapStringA
CreateFileA
HeapDestroy
ResumeThread
SetUnhandledExceptionFilter
GetCommandLineA
DeviceIoControl
GetSystemTimeAsFileTime
TerminateThread
TlsSetValue
VerifyVersionInfoW
SetHandleCount
WriteFile
HeapFree
RtlUnwind
WriteConsoleA
WideCharToMultiByte
CloseHandle
SetLastError
GetACP
VirtualAlloc
VirtualFree
GetSystemInfo
CreateWaitableTimerW
GetUserDefaultLCID
GetModuleHandleA
OpenProcess
EnterCriticalSection
SetFilePointer
HeapSize
SetProcessShutdownParameters
FindResourceExW
SizeofResource
GetConsoleMode
CancelIo
FreeLibrary
GetThreadLocale
CreateEventW
GetConsoleOutputCP
VirtualQuery
LoadLibraryExW
LCMapStringW
LoadResource
DuplicateHandle
GetStdHandle
LeaveCriticalSection
GetModuleHandleW
CreateProcessW
TlsAlloc
LockResource
TlsFree
VirtualProtect
SetStdHandle
CreateThread
FlushFileBuffers
UnhandledExceptionFilter
IsValidCodePage
VirtualAllocEx

user32

DispatchMessageW
RegisterClassW
CharUpperBuffW
GetMessageW
PostThreadMessageW
LoadCursorW
wsprintfW
TranslateMessage
CharNextW
CreateWindowExW
MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassW
LoadStringW
GetSysColorBrush
DefWindowProcW
UnregisterClassA
DestroyWindow
GetDC
SetDlgItemInt
LoadCursorA
EnumWindows
EnableMenuItem
GetFocus
LoadMenuA
GetDlgItemTextW
SetCursorPos
SetWindowPos
RegisterClassA
IsChild
EmptyClipboard
DestroyIcon
GetIconInfo
LoadImageA
GetCaretPos
FindWindowW
SetParent
GetMenuItemID
CharPrevA
GetCapture
CopyRect
GetScrollPos

advapi32

RegisterEventSourceW
RegDeleteKeyW
CreateProcessAsUserW
SetNamedSecurityInfoW
QueryServiceConfigW
ReportEventW
AddAce
RegisterServiceCtrlHandlerW
OpenServiceW
InitializeSecurityDescriptor
MakeAbsoluteSD
DeleteService
GetSidSubAuthority
RegCloseKey
SetSecurityDescriptorGroup
ConvertSecurityDescriptorToStringSecurityDescriptorW
ControlService
GetSecurityDescriptorControl
CloseServiceHandle
CopySid
SetServiceStatus
StartServiceCtrlDispatcherW
GetSecurityDescriptorGroup
ChangeServiceConfigW
SetSecurityDescriptorDacl
QueryServiceStatusEx
GetSidLengthRequired
InitializeSid
RegEnumValueW
RegQueryValueExW
SetThreadToken
DuplicateToken
CreateServiceW
EqualSid
GetLengthSid
GetSecurityDescriptorDacl
SetSecurityDescriptorOwner
GetSecurityDescriptorLength
RegOpenKeyExW
RegDeleteValueW
GetSecurityDescriptorOwner
ChangeServiceConfig2W
ConvertStringSecurityDescriptorToSecurityDescriptorW
CheckTokenMembership
DeregisterEventSource
OpenThreadToken
DuplicateTokenEx
RegEnumKeyExW
GetTokenInformation
RegSetValueExW
RegCreateKeyExW
InitializeAcl
LookupAccountNameW
RegQueryInfoKeyW
GetAclInformation
OpenSCManagerW
GetSecurityDescriptorSacl
MakeSelfRelativeSD
IsValidSid

ole32

CLSIDFromString
CoTaskMemAlloc
CoSuspendClassObjects
StringFromGUID2
CoRevokeClassObject
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoRevertToSelf
CoTaskMemRealloc
CoUninitialize
CoRegisterClassObject
CoImpersonateClient
StringFromCLSID
OleRun
CoInitializeSecurity
ProgIDFromCLSID
CoResumeClassObjects

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsExW
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInfoListDetailW
CM_Locate_DevNodeW
SetupDiOpenDeviceInfoW
SetupDiEnumDeviceInfo
CM_Get_Device_IDW
SetupDiSetDeviceRegistryPropertyW
CM_Get_Child
SetupDiDestroyDeviceInfoList
CM_Get_Device_ID_Size
CM_Get_Parent
CM_Get_DevNode_Status_Ex
CM_Get_Sibling

shlwapi

PathQuoteSpacesW
PathRemoveFileSpecW

iphlpapi

NotifyAddrChange

userenv

UnloadUserProfile

gdi32

GetTextColor

mciqtz32

DriverProc

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d39e0eeb69fc210143ca9c7b511340c

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

advapi32

ole32

setupapi

shlwapi

iphlpapi

userenv

gdi32

mciqtz32

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 251KB - Virtual size: 309KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 22KB - Virtual size: 54KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 251KB - Virtual size: 309KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 22KB - Virtual size: 54KB