JaffaCakes118_0f76eedcf7f470ef2bba00559a7860b1

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_0f76eedcf7f470ef2bba00559a7860b1
Size

294KB
MD5

0f76eedcf7f470ef2bba00559a7860b1
SHA1

3d23f6619b7025fc7f313f9f725b196b69d3134a
SHA256

63ca3f3c8f5c1100483e4ae8c9653bf3de3284a18212ce19c9e3e7942e8526f6
SHA512

c4ffa979f26bde344a7b01c8ed4cbe89e60806247d0bf23a1054db797f5ec3ff93cc3ca0626cb703d45dd62ae7955b4807baf2ed7c0698f96d00914ace6e09af
SSDEEP

6144:fbUjoep8/QwZucnBReWqd+bS2ZFwtgZNLhNjDYk:ojPdcneSbS2ZFwQNjD3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0f76eedcf7f470ef2bba00559a7860b1

Files

JaffaCakes118_0f76eedcf7f470ef2bba00559a7860b1
.exe windows:4 windows x86 arch:x86

c77c00761a9a55564c093718146a97e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
WriteConsoleA
UnhandledExceptionFilter
SetHandleCount
GetFileType
ReadFile
InitializeCriticalSectionAndSpinCount
GetCommandLineA
SetEndOfFile
ExpandEnvironmentStringsA
LeaveCriticalSection
GetUserDefaultLCID
GetModuleHandleW
SystemTimeToFileTime
GetOEMCP
GetSystemDirectoryA
FileTimeToSystemTime
GetModuleHandleA
WriteFile
TlsAlloc
GetConsoleCP
TlsFree
HeapReAlloc
IsDebuggerPresent
GetProcessHeap
LCMapStringA
WideCharToMultiByte
GetConsoleOutputCP
HeapDestroy
GetCurrentThreadId
VirtualAlloc
EnumSystemLocalesA
EnterCriticalSection
GetACP
FreeLibrary
SetUnhandledExceptionFilter
IsValidCodePage
CloseHandle
HeapAlloc
SetLastError
RaiseException
GetStdHandle
FreeEnvironmentStringsA
GetTempPathA
GetConsoleMode
SetFilePointer
IsValidLocale
HeapSize
GetSystemTimeAsFileTime
RtlUnwind
CreateFileA
TlsGetValue
DeleteCriticalSection
SetStdHandle
LCMapStringW
HeapFree
VirtualFree
FlushFileBuffers
GetTimeFormatA
SystemTimeToTzSpecificLocalTime
GetSystemTime
WriteConsoleW
FreeEnvironmentStringsW
GetCurrentProcess
VirtualAllocEx

rpcrt4

UuidCreate

ole32

StringFromGUID2

advapi32

SetSecurityDescriptorDacl
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExW

ws2_32

WSCEnumProtocols
WSCDeinstallProvider
WSCGetProviderPath
WSACleanup
WSAStartup
WSCInstallProvider
WSCWriteProviderOrder

user32

GetKeyboardLayout
SetWindowLongW
OpenClipboard
GetFocus
GetMenuItemInfoA
AdjustWindowRect
GetForegroundWindow
LoadMenuA
keybd_event
CheckMenuItem
WaitMessage
SetCapture
IsIconic
GetMenuInfo
IsChild
GetCaretPos
GetKeyState
SetWindowTextA
DefWindowProcW
SetWindowRgn
LoadIconA
LoadMenuIndirectW
GetCapture
WaitForInputIdle
FindWindowW
CreateAcceleratorTableW
RegisterClassExA

kbdtuf

KbdLayerDescriptor

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c77c00761a9a55564c093718146a97e6

Headers

File Characteristics

Imports

kernel32

rpcrt4

ole32

advapi32

ws2_32

user32

kbdtuf

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 254KB - Virtual size: 3.3MB

.rdata Size: 3KB - Virtual size: 485KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 254KB - Virtual size: 3.3MB

.rdata
Size: 3KB - Virtual size: 485KB

.rsrc
Size: 19KB - Virtual size: 18KB