Static task: static1
Behavioral task: behavioral1
  Sample: JaffaCakes118_7b2ca1ba5f9036b62891f378501b4de2.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: JaffaCakes118_7b2ca1ba5f9036b62891f378501b4de2.exe
  Resource: win10v2004-20250314-en
General
Target: JaffaCakes118_7b2ca1ba5f9036b62891f378501b4de2
Size: 248KB
MD5: 7b2ca1ba5f9036b62891f378501b4de2
SHA1: 199ab949fe048e21f913d4d33531333243a679dc
SHA256: 48fdb38385dd5e0b57182a58b86f73fbaf6b4ff60fb67e25ce2418bfc4890bdd
SHA512: 1f3ac826fab3df6fa7090b61834282cd354c1c4dfd53af59a0aea038a6703637b0346f79ccdba965b021e40b878e573b76c0f911bb6202786f872d8853be480c
SSDEEP: 6144:o9NfOPwve134F0LloHEcwFzXitv28YAZYI7uDVMi1qRTnbp:o9N2oG33mRwFrqvqH7ERTt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_7b2ca1ba5f9036b62891f378501b4de2
Files
JaffaCakes118_7b2ca1ba5f9036b62891f378501b4de2.exe windows:4 windows x86 arch:x86
442106497131d511d03c4c8c01158cd0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoCreateInstance
gdi32
CreatePen
GetDeviceCaps
CreateSolidBrush
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
user32
GetDoubleClickTime
SystemParametersInfoA
EqualRect
ReleaseDC
GetSystemMetrics
LoadCursorA
GetDC
IsCharAlphaNumericA
GetSysColor
CharNextW
oleaut32
VariantInit
RegisterTypeLi
SysStringByteLen
SysAllocString
UnRegisterTypeLi
SysFreeString
SysStringLen
SysAllocStringByteLen
SysAllocStringLen
VariantChangeType
VariantClear
VarBstrCat
VarBstrCmp
shlwapi
PathStripToRootW
PathRemoveFileSpecW
PathIsRelativeW
PathCanonicalizeW
PathIsURLW
PathRenameExtensionW
PathFileExistsW
kernel32
ReleaseMutex
EnterCriticalSection
SetUnhandledExceptionFilter
HeapDestroy
InitializeCriticalSectionAndSpinCount
LocalFree
CloseHandle
GetSystemTimeAsFileTime
IsDBCSLeadByte
DeleteFileW
FindResourceExW
lstrlenA
GetFullPathNameA
LeaveCriticalSection
IsDebuggerPresent
GetCurrentDirectoryW
GetModuleHandleW
FindFirstFileA
GetModuleHandleA
GetProcessHeap
lstrlenW
GetCurrentDirectoryA
GetUserDefaultLangID
GetFullPathNameW
LockResource
LocalAlloc
WaitForSingleObject
HeapSize
LoadResource
FindClose
HeapReAlloc
HeapFree
RaiseException
DeleteCriticalSection
UnhandledExceptionFilter
DeleteFileA
GetCurrentThreadId
CreateMutexA
FindResourceW
SizeofResource
CopyFileW
IsProcessorFeaturePresent
HeapAlloc
GetStartupInfoA
VirtualAllocEx
lstrcmpA
security
ExportSecurityContext
ImportSecurityContextW
ImportSecurityContextA
QuerySecurityPackageInfoA
ntlanui2
DllCanUnloadNow
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 219KB - Virtual size: 221KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ