JaffaCakes118_7e016fb17b15f683874f0f4b64e98d29

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7e016fb17b15f683874f0f4b64e98d29
Size

327KB
MD5

7e016fb17b15f683874f0f4b64e98d29
SHA1

68cb7810779567c355b5924edbb053a87bf92865
SHA256

ffc959d0e19f194da146de124c543ebde5691a893c9c221b45697d7401d5bccc
SHA512

248050539d2c2e0af0c47189916e96d0aabafbc6abd4b3451c553665686a0ff16a60d10766ab46449b75621e10bae89ffaf9ca73f1fb1ba67caac55d40853506
SSDEEP

6144:23MVk9U3mgJukP+2Ucpn5qAKP1UkrMhcOIk8kRL5YejF:vCU0aZLLqEkrMhct8OUF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7e016fb17b15f683874f0f4b64e98d29

Files

JaffaCakes118_7e016fb17b15f683874f0f4b64e98d29
.exe windows:5 windows x86 arch:x86

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA

kernel32

GetThreadLocale
LocalFree
IsDBCSLeadByte
FindResourceExA
GetCurrentThreadId
GetProcessHeap
lstrcpynA
HeapDestroy
LockResource
lstrlenA
lstrlenW
HeapAlloc
HeapReAlloc
LeaveCriticalSection
FindResourceA
HeapFree
DeleteCriticalSection
SizeofResource
HeapSize
RaiseException
FormatMessageA
RemoveDirectoryA
GetModuleHandleA
lstrcatA
EnterCriticalSection
DeleteFileA
LoadResource
lstrcmpiA
GetSystemTimeAsFileTime
lstrcpyA
WideCharToMultiByte
GetACP
GetCurrentProcessId
VirtualAllocEx

shlwapi

PathFindExtensionA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA

oleaut32

UnRegisterTypeLi
SysAllocString
LoadRegTypeLi
VariantClear
VariantChangeType
VariantInit
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocStringLen
SysStringLen
SysFreeString

user32

CharNextA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
StringFromCLSID

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Remove
LBItemFromPt
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_SetFilter

syssetup

AsrRestorePlugPlayRegistryData
AsrCreateStateFileW
SetupSetDisplay
AsrAddSifEntryW
AsrAddSifEntryA
SetupInfObjectInstallActionW
AsrCreateStateFileA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 295KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

Imports

shell32

kernel32

shlwapi

advapi32

oleaut32

user32

ole32

comctl32

syssetup

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 295KB - Virtual size: 913KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 295KB - Virtual size: 913KB

.rsrc
Size: 11KB - Virtual size: 10KB