JaffaCakes118_beaabbd37d64a96571e9f12d59944c6e

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_beaabbd37d64a96571e9f12d59944c6e
Size

225KB
MD5

beaabbd37d64a96571e9f12d59944c6e
SHA1

b1d76c167c6ae023cd3d68ab48d55d7c67dde088
SHA256

2594e7f10fb5d4c5275e27076553e7f6e8d81feaecaa6d9add4c01c9f8319473
SHA512

15322ef6c8538c77a1741a57c2a389ad01cb6e2193aeb82acfef29f9346956a0f531076dd25b2db616c3f98158c252ca3d4d09723a0adf78a6242d65107d077f
SSDEEP

6144:zcTcDNR1jD1rXcnAMZ8yYGim6IY5Z/G9D5WmHsO:QTWE8yl1YfG1Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_beaabbd37d64a96571e9f12d59944c6e

Files

JaffaCakes118_beaabbd37d64a96571e9f12d59944c6e
.exe windows:4 windows x86 arch:x86

063678a973a0a52a0dcd875a927841ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetLogicalDriveStringsA
IsDebuggerPresent
lstrcmp
MulDiv
CompareFileTime
MoveFileA
GetNumberFormatA
OpenEventA
IsBadWritePtr
LoadLibraryA
QueryPerformanceCounter
GlobalGetAtomNameW
GetHandleInformation
QueryPerformanceFrequency
GetVersion
GetTempFileNameW
FileTimeToLocalFileTime
lstrcmpW
FindResourceA
GetComputerNameA
FreeLibrary
GetVolumeInformationW
BeginUpdateResourceW
GlobalAlloc
Sleep
GetVersionExW
lstrcmpiW
CopyFileExW
CreateEventW
GetUserDefaultLCID
LocalFree
GetLongPathNameW
CreatePipe
DisconnectNamedPipe
ConnectNamedPipe
GetWindowsDirectoryW
GetStringTypeA
SetComputerNameW
lstrcmpi
IsBadCodePtr
GetCurrentProcessId
SetCurrentDirectoryA
GetProcAddress
AddAtomW
GetFileTime
ExitThread
GetDiskFreeSpaceW
lstrcmpiA

user32

GetForegroundWindow
AppendMenuW
MessageBoxIndirectW
DialogBoxIndirectParamW
CharPrevW
CreateDialogParamW
CheckRadioButton
CheckMenuRadioItem
EndMenu
CharLowerW
CreateDesktopW
GetWindowRect
EnumChildWindows
RegisterClassExA
CharUpperA
IsIconic
MoveWindow
SetWindowPos
CreateCaret

gdi32

CreateColorSpaceW
ResizePalette
SelectClipPath
EndFormPage
GetLogColorSpaceA
CreateRectRgn
StretchDIBits
CloseMetaFile
GetPaletteEntries
GetPixel
GetCharWidthI
CreateDCW
DeleteEnhMetaFile
ExtTextOutW

advapi32

RegReplaceKeyA
RegRestoreKeyA
RegFlushKey
RegOpenKeyA
RegCloseKey

shlwapi

PathIsDirectoryA
wnsprintfW
PathRemoveExtensionW
AssocCreate
PathBuildRootW
UrlGetPartA
SHGetThreadRef
PathIsRootW
AssocQueryKeyA

oleaut32

VarDecFromUI8

urlmon

URLOpenBlockingStreamA
GetComponentIDFromCLSSPEC
MkParseDisplayNameEx
DllRegisterServerEx
DllUnregisterServer
CreateURLMoniker
URLOpenBlockingStreamW
SetSoftwareUpdateAdvertisementState
HlinkNavigateString
PrivateCoInstall
CoInternetCompareUrl
CopyBindInfo
URLDownloadA
CoGetClassObjectFromURL
CreateFormatEnumerator
DllRegisterServer
URLDownloadToFileW
AsyncGetClassBits
URLDownloadW
Extract

winmm

waveInOpen
sndPlaySoundW
mixerGetDevCapsA
mmioStringToFOURCCA
midiOutGetErrorTextA
joy32Message
midiInAddBuffer
GetDriverModuleHandle
WOWAppExit
midiOutCachePatches

Sections

.KAYd
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tz
Size: 3KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.O
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VS
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.G
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IPu
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epz
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OlsZXZ
Size: 4KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

063678a973a0a52a0dcd875a927841ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

oleaut32

urlmon

winmm

Sections

.KAYd Size: 9KB - Virtual size: 9KB

.Tz Size: 3KB - Virtual size: 420KB

.O Size: 85KB - Virtual size: 84KB

.VS Size: 14KB - Virtual size: 14KB

.G Size: 1024B - Virtual size: 40KB

.IPu Size: 4KB - Virtual size: 26KB

.epz Size: 85KB - Virtual size: 85KB

.data Size: 9KB - Virtual size: 112KB

.OlsZXZ Size: 4KB - Virtual size: 187KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.KAYd
Size: 9KB - Virtual size: 9KB

.Tz
Size: 3KB - Virtual size: 420KB

.O
Size: 85KB - Virtual size: 84KB

.VS
Size: 14KB - Virtual size: 14KB

.G
Size: 1024B - Virtual size: 40KB

.IPu
Size: 4KB - Virtual size: 26KB

.epz
Size: 85KB - Virtual size: 85KB

.data
Size: 9KB - Virtual size: 112KB

.OlsZXZ
Size: 4KB - Virtual size: 187KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B