JaffaCakes118_be6f20b2e737a97abdd7dd2c7c00961e

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_be6f20b2e737a97abdd7dd2c7c00961e
Size

283KB
MD5

be6f20b2e737a97abdd7dd2c7c00961e
SHA1

831fb7c3e64470f814d5380999a453bae25580c5
SHA256

d93ffa8d7084e845143e873f008fccf133d17cdf2f57e18c67c6f56ba7a278bf
SHA512

fbe7aa6600d8606ea861571b1a748cfd2ccd9b876825d527bd4379ecac80ae099a6bb90eefbec69bef671ad05e74e5605867f4d5b0c1b5120d80635a307d60dd
SSDEEP

6144:fggjN08z6NtTzCJjvfCiCYBnrgH1l/jdN1IBonLdcJghNCGwPvLkNj:fzjx04JjbBnEHjB82nL5hNC9wZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_be6f20b2e737a97abdd7dd2c7c00961e

Files

JaffaCakes118_be6f20b2e737a97abdd7dd2c7c00961e
.exe windows:4 windows x86 arch:x86

d3ea18de01217179efb7ace595d45bdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
InitializeCriticalSection
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetCurrentProcessId
WaitForMultipleObjects
CreateSemaphoreA
GetSystemTime
Sleep
FileTimeToSystemTime
CreateEventA
SetEvent
OpenEventA
lstrlenA
lstrcpynA
GetShortPathNameA
LoadLibraryA
GetLastError
MultiByteToWideChar
GlobalAlloc
lstrcpyW
lstrcpyA
lstrcmpA
GetVersionExA
CreateMutexA
WaitForSingleObject
GetACP
GetLocalTime
GetTempFileNameA
SystemTimeToFileTime
OpenFile
lstrlenW
GetVersion
GetProcAddress

user32

AppendMenuA
GetDesktopWindow
CharPrevA
CharUpperA
wsprintfA
PeekMessageA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegConnectRegistryA
RegQueryInfoKeyA

ole32

CoCreateInstance

mapi32

ord183
ord185
ord75
ord140
ord174
ord15
ord13
ord60
ord129
ord17
ord135
ord137
ord139

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shfolder

SHGetFolderPathA

shell32

SHCreateDirectoryExA

msvcrt

strncpy
strstr
_mbsicmp
_mbschr
free
_mbsnbcmp
_mbscmp
_mbsdec
_mbsinc
_makepath
_mbsnbcat
fread
calloc
strncmp
_mbsnbcpy

shlwapi

PathRemoveFileSpecA

imm32

ImmGetHotKey
ImmGetOpenStatus
ImmAssociateContext
ImmGetIMEFileNameA
ImmLockIMC
ImmGetProperty
ImmSetCompositionFontA
ImmDisableIme
ImmGetVirtualKey
ImmPutImeMenuItemsIntoMappedFile
ImmIsUIMessageW
ImmSetCompositionWindow
ImmReSizeIMCC

mscat32

IsCatalogFile
CryptCATAdminAcquireContext

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.NSoBA
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lZ
Size: 1KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xX
Size: 4KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 90KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uQeU
Size: 1KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nUo
Size: 2KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 125KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VBUjgR
Size: 2KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3ea18de01217179efb7ace595d45bdf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

mapi32

version

shfolder

shell32

msvcrt

shlwapi

imm32

mscat32

Sections

.text Size: 18KB - Virtual size: 18KB

.NSoBA Size: 1KB - Virtual size: 24KB

.lZ Size: 1KB - Virtual size: 344KB

.rdata Size: 3KB - Virtual size: 19KB

.xX Size: 4KB - Virtual size: 369KB

.edata Size: 90KB - Virtual size: 186KB

.uQeU Size: 1KB - Virtual size: 31KB

.data Size: 7KB - Virtual size: 175KB

.nUo Size: 2KB - Virtual size: 361KB

.edata Size: 125KB - Virtual size: 131KB

.VBUjgR Size: 2KB - Virtual size: 106KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 18KB - Virtual size: 18KB

.NSoBA
Size: 1KB - Virtual size: 24KB

.lZ
Size: 1KB - Virtual size: 344KB

.rdata
Size: 3KB - Virtual size: 19KB

.xX
Size: 4KB - Virtual size: 369KB

.edata
Size: 90KB - Virtual size: 186KB

.uQeU
Size: 1KB - Virtual size: 31KB

.data
Size: 7KB - Virtual size: 175KB

.nUo
Size: 2KB - Virtual size: 361KB

.edata
Size: 125KB - Virtual size: 131KB

.VBUjgR
Size: 2KB - Virtual size: 106KB

.rsrc
Size: 24KB - Virtual size: 24KB