JaffaCakes118_5236917173a949ed75ac11908d5c45cf

General

Target

JaffaCakes118_5236917173a949ed75ac11908d5c45cf
Size

367KB
MD5

5236917173a949ed75ac11908d5c45cf
SHA1

094867156d6c068b6215ab2f32d4d7c32d550a5e
SHA256

27ae1c25dd321250eaebecd06916d6268b1e67b49599c84cee4a54f06e59282a
SHA512

d9005a0fb4a70023709a6f799531efe8a2e0c8fd1e19a2118489ca071442fdfc7738d6b8da5fc73ae212c16db58e09ce9ff79e76293b112d17a76de105546e04
SSDEEP

6144:QNO8nT1QzCs7sAKq/qjE01U2+8TRMz8+wJFJhuRc04ag9d8CCKHS75rZ:QU8TxjG2dMw+yFXuav3X8VWS75rZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5236917173a949ed75ac11908d5c45cf

Files

JaffaCakes118_5236917173a949ed75ac11908d5c45cf
.exe windows:4 windows x86 arch:x86

5e17ca40a4f6f1a4ec2d05984fc1876a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcessHeap
CreateFileA
SetFileTime
GetCommandLineA
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
GetLastError
GetProcAddress
LoadLibraryA
HeapAlloc
RemoveDirectoryA
CreateEventA
ReadFile
WriteFile
FormatMessageA
GetFileAttributesA
DeleteFileA
MoveFileExA
TerminateProcess
ExitProcess
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
GetCurrentProcess
CreateThread
WaitForSingleObject
GetSystemDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
GetSystemTime
SystemTimeToFileTime
GetCurrentDirectoryA
CloseHandle
CreateProcessA
GetExitCodeProcess
HeapFree
SetFilePointer
SetEvent

user32

SendDlgItemMessageA
EndDialog
LoadStringA
SendMessageA
ShowWindow
DialogBoxParamA
MessageBoxA

comctl32

ord17

advapi32

CryptAcquireContextA
CryptGenRandom
SetSecurityDescriptorDacl
GetLengthSid
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
CryptReleaseContext
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

ntdll

_allmul
strstr
sprintf

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e17ca40a4f6f1a4ec2d05984fc1876a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shell32

ntdll

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 66KB

.rsrc Size: 340KB - Virtual size: 340KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 66KB

.rsrc
Size: 340KB - Virtual size: 340KB