JaffaCakes118_c6526c004cedb67f64ec704d3d85482f

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_c6526c004cedb67f64ec704d3d85482f
Size

253KB
MD5

c6526c004cedb67f64ec704d3d85482f
SHA1

bbe12a6276f2775660fd50acf4c5edccfb168c2c
SHA256

cecd9df5f8e36f64d3583efd1347ceba1e2fa21bcf3227d70982655f438248c4
SHA512

4871a93dc372e2271f4ec30f2bab4d1498c6e9cf9555501292c643c44ec0d0c3375d4b4182498ed69ddbfc341c63432c09bfce9aaf825cc2bf891fdc69c07ef9
SSDEEP

6144:Q/wbFgTi2RsbXzeLjzOg/QQR9AXJChcl5hDfKJ39y9q+SvpY:Q/wpxXMzfQQRqXiE5hjKneX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c6526c004cedb67f64ec704d3d85482f

Files

JaffaCakes118_c6526c004cedb67f64ec704d3d85482f
.exe windows:4 windows x86 arch:x86

14c048ca2549ef825dac05a49522f504

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
SysFreeString
SysStringLen
SysAllocStringByteLen
LoadTypeLi
VariantClear
OleCreatePropertyFrame
DispCallFunc
RegisterTypeLi
LoadRegTypeLi
SysAllocString
UnRegisterTypeLi
SysStringByteLen
VariantInit
VariantChangeType
VariantCopy

advapi32

RegQueryInfoKeyA
RegOpenCurrentUser
RegQueryValueExA
RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegOpenKeyExW
RegCloseKey
RegOpenKeyA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA

gdi32

CreateMetaFileA
RestoreDC
CreateRectRgnIndirect
SetWindowExtEx
GetDeviceCaps
CloseMetaFile
SetWindowOrgEx
SetTextAlign
SaveDC
SetViewportOrgEx
LPtoDP
DeleteMetaFile
DeleteDC
TextOutA
CreateDCA
SetMapMode

kernel32

TerminateThread
SetFilePointer
CreateFileW
MulDiv
lstrcpyA
FlushFileBuffers
SetHandleCount
HeapSize
FindClose
GetCurrentThreadId
DeleteFileW
CreateMutexA
lstrlenW
GetACP
FreeEnvironmentStringsW
GetConsoleMode
IsDebuggerPresent
WriteConsoleA
LoadLibraryExA
GetFileType
TlsAlloc
LoadResource
RtlUnwind
VirtualQuery
GetTempPathA
FindFirstFileA
HeapAlloc
WaitForMultipleObjects
CreateThread
WritePrivateProfileStringA
GlobalAlloc
FindNextFileA
GetConsoleOutputCP
FindResourceA
GlobalUnlock
TlsFree
CreateEventA
LCMapStringA
LCMapStringW
OutputDebugStringA
CloseHandle
ReleaseMutex
LeaveCriticalSection
CreateMutexW
TlsGetValue
lstrlenA
WideCharToMultiByte
FlushInstructionCache
UnhandledExceptionFilter
WaitForSingleObjectEx
GetSystemInfo
RaiseException
VirtualFree
GetProcessHeap
GetLocalTime
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
lstrcatA
TlsSetValue
GetStdHandle
VirtualProtect
DeleteFileA
CreateFileA
FreeLibrary
lstrcmpiA
GetThreadLocale
GetConsoleCP
ReadFile
SizeofResource
CreateDirectoryW
WaitForSingleObject
HeapDestroy
GetTempFileNameW
HeapFree
FreeEnvironmentStringsA
SetLastError
GetCommandLineA
IsValidCodePage
WriteFile
HeapReAlloc
GetTempPathW
lstrcmpA
EnterCriticalSection
GlobalLock
SetStdHandle
GetOEMCP
GetSystemTimeAsFileTime
WriteConsoleW
SetFileAttributesA
IsDBCSLeadByte
GetModuleHandleA
VirtualAlloc
DeleteCriticalSection
VirtualAllocEx

ole32

OleLoadFromStream
CreateOleAdviseHolder
OleRegEnumVerbs
CoTaskMemAlloc
CoTaskMemRealloc
OleSaveToStream
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoCreateInstance
WriteClassStm
CoTaskMemFree
StringFromGUID2

user32

PtInRect
UnionRect
SetWindowRgn
ShowWindow
GetKeyState
GetFocus
IntersectRect
GetParent
UnregisterClassA
ReleaseDC
DefWindowProcA
GetDC
SetFocus
SetWindowLongA
SetWindowPos
EqualRect
IsChild
CallWindowProcA
InvalidateRect
IsWindow
GetClientRect
MessageBoxA
CharNextA
DestroyWindow
wsprintfA
SetCursor
GetWindowLongA
LoadCursorA
OffsetRect
GetForegroundWindow

userenv

GetProfileType
FreeGPOListW
WaitForMachinePolicyForegroundProcessing
GetProfilesDirectoryA
GetUserProfileDirectoryW

hid

HidP_GetUsagesEx
HidD_SetNumInputBuffers
HidP_SetData

Sections

.odoAZe
Size: 512B - Virtual size: 11KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crSJqh
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DzSbgkk
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QaOyz
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hJNfQ
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OyWUf
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cGSFKO
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14c048ca2549ef825dac05a49522f504

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

advapi32

gdi32

kernel32

ole32

user32

userenv

hid

Sections

.odoAZe Size: 512B - Virtual size: 11KB

.text Size: 19KB - Virtual size: 18KB

.crSJqh Size: 512B - Virtual size: 129B

.DzSbgkk Size: 3KB - Virtual size: 2KB

.QaOyz Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 304KB

.rdata Size: 210KB - Virtual size: 210KB

.hJNfQ Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.OyWUf Size: 1024B - Virtual size: 760B

.cGSFKO Size: 2KB - Virtual size: 2KB

.odoAZe
Size: 512B - Virtual size: 11KB

.text
Size: 19KB - Virtual size: 18KB

.crSJqh
Size: 512B - Virtual size: 129B

.DzSbgkk
Size: 3KB - Virtual size: 2KB

.QaOyz
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 304KB

.rdata
Size: 210KB - Virtual size: 210KB

.hJNfQ
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.OyWUf
Size: 1024B - Virtual size: 760B

.cGSFKO
Size: 2KB - Virtual size: 2KB