JaffaCakes118_7c33091f4e1a4076cef528ce075bf5a4

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7c33091f4e1a4076cef528ce075bf5a4
Size

329KB
MD5

7c33091f4e1a4076cef528ce075bf5a4
SHA1

6d2357530c320b649c4fd6c077532ad351fd984f
SHA256

bc74c9800acbdad5f55876caa34ce3e80b0b043e817054dce3c0f42a1d4e88f6
SHA512

33ebb76ef4621c56ac1a492d212ecd1e4fc993d64b53f8f64fc8de4f8f5a7e19f7931be01e61b9ca8545fc45f511847e9b240f3222655866a04408e3b16c2665
SSDEEP

6144:TOYFNgBAY0IMFk90MQ0gQXcDVx4w5XrT9nwYSPn9:TOiZFn2w4Ch49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7c33091f4e1a4076cef528ce075bf5a4

Files

JaffaCakes118_7c33091f4e1a4076cef528ce075bf5a4
.exe windows:5 windows x86 arch:x86

02e54fd60a714fb0db04147d2bb342c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
SetForegroundWindow
DestroyIcon
ScreenToClient
SendMessageA
PostMessageA
SendMessageW
RegisterClipboardFormatW
DrawTextW
EndPaint
GetDC
FindWindowExW
CharPrevA
InflateRect
GetSystemMetrics
ReleaseDC
CharUpperA

gdi32

BitBlt
SaveDC
RestoreDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
DeleteDC

kernel32

GetACP
HeapFree
LeaveCriticalSection
GetModuleHandleA
lstrcmpiA
FileTimeToSystemTime
CloseHandle
EnterCriticalSection
FreeLibrary
GetShortPathNameA
GetProcessHeap
CreateFileA
lstrcpynA
GetSystemTime
GetFileInformationByHandle
WaitForSingleObject
CreateMutexA
GlobalAlloc
ReleaseMutex
lstrlenA
WideCharToMultiByte
FormatMessageA
LocalFree
DeleteCriticalSection
GetCommandLineW
GlobalFree
LoadLibraryExA
HeapAlloc
TlsAlloc
VirtualAllocEx

shlwapi

PathRemoveFileSpecA

advapi32

ImpersonateSelf
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RevertToSelf

shell32

SHGetPathFromIDListA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetFileInfoA
ShellExecuteA

oleaut32

SysAllocStringByteLen
SysFreeString

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wsock32

ntohs

ole32

IsEqualGUID
CoCreateInstance
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

comctl32

ImageList_LoadImageA
ImageList_SetBkColor
ImageList_SetDragCursorImage
CreateUpDownControl
ImageList_Copy
ImageList_SetOverlayImage
ImageList_Duplicate
FlatSB_ShowScrollBar

dsdmo

DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 305KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02e54fd60a714fb0db04147d2bb342c4

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shlwapi

advapi32

shell32

oleaut32

version

wsock32

ole32

comctl32

dsdmo

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 305KB - Virtual size: 780KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 305KB - Virtual size: 780KB

.rsrc
Size: 3KB - Virtual size: 3KB