JaffaCakes118_768a5b08e3e21835dfa9a5661496d891

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_768a5b08e3e21835dfa9a5661496d891
Size

294KB
MD5

768a5b08e3e21835dfa9a5661496d891
SHA1

442446b84d6ed9f5fda79428e28a7d21096de286
SHA256

cf20dd9b30338caf9640a8370e57914933869a8de0072edb71c01dbbf9ae789f
SHA512

0b298cf46c4e60584cf40484eb7f0f4c05df315968814dcbb2a4671232d2195571dcdd2c3ae06cae362e8e3707d607b24758eaeeedb40c768788a583346fd7c4
SSDEEP

6144:2bUjoep8/QwZucnBReWqd+bS2ZFwtgZNLhNjDYk:LjPdcneSbS2ZFwQNjD3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_768a5b08e3e21835dfa9a5661496d891

Files

JaffaCakes118_768a5b08e3e21835dfa9a5661496d891
.exe windows:4 windows x86 arch:x86

c77c00761a9a55564c093718146a97e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
WriteConsoleA
UnhandledExceptionFilter
SetHandleCount
GetFileType
ReadFile
InitializeCriticalSectionAndSpinCount
GetCommandLineA
SetEndOfFile
ExpandEnvironmentStringsA
LeaveCriticalSection
GetUserDefaultLCID
GetModuleHandleW
SystemTimeToFileTime
GetOEMCP
GetSystemDirectoryA
FileTimeToSystemTime
GetModuleHandleA
WriteFile
TlsAlloc
GetConsoleCP
TlsFree
HeapReAlloc
IsDebuggerPresent
GetProcessHeap
LCMapStringA
WideCharToMultiByte
GetConsoleOutputCP
HeapDestroy
GetCurrentThreadId
VirtualAlloc
EnumSystemLocalesA
EnterCriticalSection
GetACP
FreeLibrary
SetUnhandledExceptionFilter
IsValidCodePage
CloseHandle
HeapAlloc
SetLastError
RaiseException
GetStdHandle
FreeEnvironmentStringsA
GetTempPathA
GetConsoleMode
SetFilePointer
IsValidLocale
HeapSize
GetSystemTimeAsFileTime
RtlUnwind
CreateFileA
TlsGetValue
DeleteCriticalSection
SetStdHandle
LCMapStringW
HeapFree
VirtualFree
FlushFileBuffers
GetTimeFormatA
SystemTimeToTzSpecificLocalTime
GetSystemTime
WriteConsoleW
FreeEnvironmentStringsW
GetCurrentProcess
VirtualAllocEx

rpcrt4

UuidCreate

ole32

StringFromGUID2

advapi32

SetSecurityDescriptorDacl
RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExW

ws2_32

WSCEnumProtocols
WSCDeinstallProvider
WSCGetProviderPath
WSACleanup
WSAStartup
WSCInstallProvider
WSCWriteProviderOrder

user32

GetKeyboardLayout
SetWindowLongW
OpenClipboard
GetFocus
GetMenuItemInfoA
AdjustWindowRect
GetForegroundWindow
LoadMenuA
keybd_event
CheckMenuItem
WaitMessage
SetCapture
IsIconic
GetMenuInfo
IsChild
GetCaretPos
GetKeyState
SetWindowTextA
DefWindowProcW
SetWindowRgn
LoadIconA
LoadMenuIndirectW
GetCapture
WaitForInputIdle
FindWindowW
CreateAcceleratorTableW
RegisterClassExA

kbdtuf

KbdLayerDescriptor

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c77c00761a9a55564c093718146a97e6

Headers

File Characteristics

Imports

kernel32

rpcrt4

ole32

advapi32

ws2_32

user32

kbdtuf

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 254KB - Virtual size: 3.3MB

.rdata Size: 3KB - Virtual size: 485KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 254KB - Virtual size: 3.3MB

.rdata
Size: 3KB - Virtual size: 485KB

.rsrc
Size: 19KB - Virtual size: 18KB