JaffaCakes118_50827508698af3f63a442f191f38b235

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_50827508698af3f63a442f191f38b235
Size

192KB
MD5

50827508698af3f63a442f191f38b235
SHA1

ea0f23eef03cfbf6809e371032d064e378e2d698
SHA256

68d7dc72bdf91100c694577d687471127d542b685889840c0a9f89a4c7c1cb80
SHA512

a964b66846a83c6e0679d53a3111d7d3ea393fbbb454a01f45fd858ffef4bf41462769da6930f89a456e87d6d3d93c041d22ba02d962565e0620fb326e575011
SSDEEP

3072:Y6nTeV/vj5nzGlJbtXasGOfGyov882typ7pBcJZg:Y6s/vlnzQZov882wSZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_50827508698af3f63a442f191f38b235

Files

JaffaCakes118_50827508698af3f63a442f191f38b235
.exe windows:4 windows x86 arch:x86

fb915dc3782741da6d085bc63049e02a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CloseHandle
GetProcAddress
GetCurrentProcess
GetLocalTime
GetLastError
GetPrivateProfileStringA
OpenProcess
TerminateProcess
lstrcpynA
GetModuleFileNameA
GetFullPathNameA
CreateEventA
CreateMutexA
GetWindowsDirectoryA
GetTempPathA
SetCurrentDirectoryA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
ReadFile
SetEndOfFile
FreeLibrary
GetVersionExA
GetSystemDefaultLangID
lstrcpyA
OutputDebugStringA
ReleaseMutex
Sleep
WaitForSingleObject
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
RaiseException
RtlUnwind
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
WriteFile
HeapSize
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode

user32

LoadStringA
GetWindowThreadProcessId
SendMessageTimeoutA
PostMessageA
EnumWindows
GetWindowLongA
MessageBoxA

advapi32

RegCreateKeyExA
RegOpenKeyExA
OpenProcessToken
AllocateAndInitializeSid
FreeSid
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA

shlwapi

PathRemoveFileSpecA
PathAppendA
PathFileExistsA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fb915dc3782741da6d085bc63049e02a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

version

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 17KB

.2rdata Size: 76KB - Virtual size: 76KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 17KB

.2rdata
Size: 76KB - Virtual size: 76KB