JaffaCakes118_78244534336d0e5bc47020fe90875c13

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_78244534336d0e5bc47020fe90875c13
Size

291KB
MD5

78244534336d0e5bc47020fe90875c13
SHA1

cbb8bc160e346f99adf0ebb1235f7ffa1988dfb2
SHA256

eaa2e4dc15fc8d483c5a05c45ee40f88e06e61b0e9abfbfb11ce62ec69d952fb
SHA512

5566a454e34490f11fdb4f5d0a9fbf4159ca03c8b6e10122536c55d0d5c5fef59d662361ac993d478b15f97dd57c5d161ab00ea5ceab84c92b8cea2bac26c475
SSDEEP

6144:8fXSq43yl0YKkM/gxo7O3T5LpanOV9ILrDSUWuZfX2i:wwyy8M/g67ulLWomLrDSUvZvl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_78244534336d0e5bc47020fe90875c13

Files

JaffaCakes118_78244534336d0e5bc47020fe90875c13
.exe windows:4 windows x86 arch:x86

8ca49360c435072fb671dbb2e1ab1a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoLockObjectExternal

shlwapi

PathAppendW
PathAddBackslashW
PathRemoveFileSpecW

user32

MessageBoxW
GetWindowLongA

oleaut32

VarBstrCat
SysFreeString
SysStringLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
SysAllocStringLen
VarBstrCmp
SysAllocString
VariantTimeToSystemTime
VariantCopy
SysStringByteLen
VarBstrFromDec

kernel32

GetConsoleCP
CreateFileW
WideCharToMultiByte
GetDateFormatW
GetStdHandle
TlsSetValue
lstrlenA
WriteConsoleW
GetModuleHandleA
GetCommandLineA
GetTimeFormatW
GetFileType
SetLastError
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapFree
WriteFile
FlushFileBuffers
CloseHandle
IsValidCodePage
DeleteCriticalSection
lstrlenW
RtlUnwind
FindResourceW
EnterCriticalSection
HeapSize
SetFilePointer
SetStdHandle
GetConsoleMode
GetOEMCP
InitializeCriticalSectionAndSpinCount
SizeofResource
HeapDestroy
LoadResource
GetProcessHeap
GetThreadLocale
HeapReAlloc
GetSystemTimeAsFileTime
LockResource
TlsGetValue
SetUnhandledExceptionFilter
RaiseException
LeaveCriticalSection
GetUserDefaultLCID
LCMapStringW
FindResourceExW
HeapAlloc
GetModuleHandleW
GetACP
EnumSystemLocalesA
TlsAlloc
IsValidLocale
GetCurrentThreadId
FormatMessageW
SetHandleCount
FreeLibrary
FreeEnvironmentStringsW
IsDebuggerPresent
TlsFree
GetStartupInfoA
VirtualAlloc

advapi32

RegConnectRegistryW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
RegSetValueExW
RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyA

comctl32

CreateStatusWindow
ImageList_Duplicate
ImageList_SetFlags
InitCommonControlsEx
GetMUILanguage
ImageList_BeginDrag

pstorsvc

ServiceEntry

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ca49360c435072fb671dbb2e1ab1a57

Headers

File Characteristics

Imports

ole32

shlwapi

user32

oleaut32

kernel32

advapi32

comctl32

pstorsvc

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 264KB - Virtual size: 283KB

.rsrc Size: 2KB - Virtual size: 9KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 264KB - Virtual size: 283KB

.rsrc
Size: 2KB - Virtual size: 9KB