JaffaCakes118_bfb005aae1f2793d6f8d538afcc52fee

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_bfb005aae1f2793d6f8d538afcc52fee
Size

205KB
MD5

bfb005aae1f2793d6f8d538afcc52fee
SHA1

081291b4a7839b359a1672efb407cf5f19ee1a9e
SHA256

15fd9ca30bf9e776edaf14e96d2e491015c9e99013610db080c2d2a1ea992abe
SHA512

d7877b1930e5abf5961b3c2708cf69b17897b6332f3762fd30bbd2848d1ee5b2a21e0671c7d95dc75e59ffa54f1c91d4e46a9bb578899acd33485dc00284e7a6
SSDEEP

3072:9QU3xZLm9fjtDouDVsKSYmqbwjXSaGBGBKD6EbD7wiZHXRGM3WJdbzmDVFRZDvQx:9bLsZ3DV7SYwiccOEbD7wiZHX02/Dv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_bfb005aae1f2793d6f8d538afcc52fee

Files

JaffaCakes118_bfb005aae1f2793d6f8d538afcc52fee
.exe windows:4 windows x86 arch:x86

1d53578a5162f8b949946b3048efc87d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetCurrentThreadId
lstrcatA
IsBadStringPtrW
GlobalDeleteAtom
lstrcpyn
GetVolumeInformationW
lstrlen
GetModuleHandleA
GetVersion
DosDateTimeToFileTime
lstrlenW
CreateFileA
OpenSemaphoreA
CreateDirectoryW
lstrcpynA
lstrlenA
GetStringTypeA
FreeResource
GetEnvironmentStringsW
GetLongPathNameA
GetProcessHeap
LocalFree
GetPriorityClass
FileTimeToDosDateTime
AddAtomA
GetProcAddress
RemoveDirectoryW
DeleteAtom
GetUserDefaultLangID
GetFileAttributesW
GetLocaleInfoW
OpenProcess
LocalAlloc
EnumDateFormatsA
RemoveDirectoryA
GetDateFormatW
GetCalendarInfoA
IsValidCodePage
GetExitCodeThread
GetNumberFormatW
DuplicateHandle
GetNumberFormatA
OpenMutexA

user32

CreateWindowExA
GetFocus
GetMenuState
ReleaseDC
GetKeyState
wsprintfA
CheckDlgButton
SendDlgItemMessageA
EnumWindows
SetDlgItemTextA
DialogBoxIndirectParamW
AppendMenuW
EnumChildWindows
CharPrevW

gdi32

GetCurrentObject
SetBoundsRect
SetICMProfileW
StrokePath
GetROP2
CreateDCA
GetPaletteEntries
CreateDCW
SetLayout
PlayMetaFile
CreateBitmapIndirect

advapi32

RegOpenKeyA
RegDeleteKeyA
RegSaveKeyA
RegOpenKeyExA
RegEnumValueW

wininet

InternetAutodialCallback
InternetReadFile
FtpCreateDirectoryA

inetcomm

MimeOleSetPropW
MimeOleGetCodePageCharset
MimeOleSetDefaultCharset
MimeOleUnEscapeStringInPlace
CreateNNTPTransport
MimeOleCreateBody
MimeOleCreateHeaderTable
MimeOleGetPropertySchema
MimeOleSetCompatMode
MimeOleSMimeCapAddCert

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MTCf
Size: 1024B - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.S
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LwNQ
Size: 1024B - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PgUnvR
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Qql
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HgY
Size: 2KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Wrkz
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nlpjU
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Jyt
Size: 512B - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d53578a5162f8b949946b3048efc87d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

inetcomm

Sections

.text Size: 12KB - Virtual size: 12KB

.MTCf Size: 1024B - Virtual size: 47KB

.S Size: 1KB - Virtual size: 9KB

.LwNQ Size: 1024B - Virtual size: 39KB

.PgUnvR Size: 2KB - Virtual size: 12KB

.Qql Size: 1024B - Virtual size: 4KB

.HgY Size: 2KB - Virtual size: 46KB

.data Size: 9KB - Virtual size: 8KB

.Wrkz Size: 1KB - Virtual size: 18KB

.nlpjU Size: 1024B - Virtual size: 6KB

.Jyt Size: 512B - Virtual size: 166KB

.rsrc Size: 169KB - Virtual size: 168KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.MTCf
Size: 1024B - Virtual size: 47KB

.S
Size: 1KB - Virtual size: 9KB

.LwNQ
Size: 1024B - Virtual size: 39KB

.PgUnvR
Size: 2KB - Virtual size: 12KB

.Qql
Size: 1024B - Virtual size: 4KB

.HgY
Size: 2KB - Virtual size: 46KB

.data
Size: 9KB - Virtual size: 8KB

.Wrkz
Size: 1KB - Virtual size: 18KB

.nlpjU
Size: 1024B - Virtual size: 6KB

.Jyt
Size: 512B - Virtual size: 166KB

.rsrc
Size: 169KB - Virtual size: 168KB

.reloc
Size: 1KB - Virtual size: 1KB