f5010abe5abb1ee1bb66ff822c9e89c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5010abe5abb1ee1bb66ff822c9e89c8_JaffaCakes118
Size

395KB
MD5

f5010abe5abb1ee1bb66ff822c9e89c8
SHA1

15bc6b79a129f1c2c81b5761d421b706885bfcfc
SHA256

6e3152b0d2b4d7198d89dcfc1d1789684217be7bdd11f11fac91701ee0e820c4
SHA512

65c402fa67e19a62abfe2ec675bd27d0b6d446621e79a42e5de68943dbe2a7b2e298696a20dd15de5171a539acc2388d7d6b8e58b37455fd7f7eab8661ba889e
SSDEEP

6144:hSTg/OmlNGXeaLj2a2IgDzJ8WoN7f8K9p1XS/7VpcLqSC9aX39OYHqnFhWJDKj4Q:hSg4eWVfXkSC9Y3982ZKj4p509

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5010abe5abb1ee1bb66ff822c9e89c8_JaffaCakes118

Files

f5010abe5abb1ee1bb66ff822c9e89c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51fc01d90dfe0943dcc63f57f72d604d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
SHAddToRecentDocs
ExtractAssociatedIconExA
SHInvokePrinterCommandW
SHFileOperation
SHBrowseForFolderA
FindExecutableW
SheChangeDirExW
ExtractAssociatedIconW
ExtractIconExW
ShellExecuteEx
SHGetDiskFreeSpaceA
SHLoadInProc
DragAcceptFiles
SHGetFileInfoA
SHGetDataFromIDListA

gdi32

GetDIBColorTable
GetCharABCWidthsA
GetWinMetaFileBits
GetMetaRgn
EndPage
PolyPolyline
UnrealizeObject
Escape
SwapBuffers
GetDCOrgEx
RectVisible
CreateFontW
SetBkColor
GetCharacterPlacementW
PatBlt
GetPixel
CopyMetaFileA
GdiFlush
GetEnhMetaFileW
SetMetaRgn

user32

GetDlgItem
EnumDisplayDevicesA
InsertMenuItemW
DlgDirSelectComboBoxExW
MapVirtualKeyA
CreateDialogParamW
MsgWaitForMultipleObjects
MessageBoxA
CharLowerBuffA
GetMessageExtraInfo
GetSysColor
AnimateWindow
IsCharUpperW
GetCaretBlinkTime

comdlg32

GetFileTitleA
GetSaveFileNameA
ChooseColorW
GetOpenFileNameW
FindTextW
FindTextA
PrintDlgW
PrintDlgA
GetFileTitleW
GetSaveFileNameW

kernel32

VirtualAlloc
GetEnvironmentStringsW
GetOEMCP
InterlockedExchange
DeleteCriticalSection
TlsAlloc
GetPrivateProfileSectionNamesA
ReadConsoleInputW
QueryPerformanceCounter
GetACP
WideCharToMultiByte
SetConsoleOutputCP
GetFileType
GetCurrentThread
GetProcessHeaps
SetFileAttributesW
WriteFile
MultiByteToWideChar
EnterCriticalSection
TransactNamedPipe
EnumCalendarInfoA
LCMapStringW
GetCurrentThreadId
GlobalUnlock
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
GetVersion
FindClose
IsBadWritePtr
VirtualFree
TlsFree
CreateSemaphoreW
GetLastError
HeapFree
InitializeCriticalSection
TerminateProcess
LoadLibraryA
GetCPInfo
GetSystemDefaultLangID
HeapAlloc
GetStdHandle
GetEnvironmentStrings
RtlUnwind
VirtualQuery
LCMapStringA
GetCurrentProcessId
UnhandledExceptionFilter
WriteConsoleOutputA
GetModuleHandleA
GetProcAddress
TlsSetValue
SetHandleCount
GetFileTime
TlsGetValue
GetStartupInfoA
GetProfileIntW
HeapReAlloc
GetTickCount
HeapDestroy
GetCurrentProcess
FreeEnvironmentStringsW
FindNextFileA
GetProfileSectionW
FreeEnvironmentStringsA
GetSystemDirectoryW
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
SetLastError
HeapCreate
LeaveCriticalSection

advapi32

CryptSignHashA
CryptReleaseContext
AbortSystemShutdownA
CryptAcquireContextW
CryptVerifySignatureW
InitiateSystemShutdownW
StartServiceA
RegDeleteKeyW
LookupPrivilegeDisplayNameW
RegQueryValueExW
CryptEnumProviderTypesW
LookupAccountSidA
GetUserNameA

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51fc01d90dfe0943dcc63f57f72d604d

Headers

File Characteristics

Imports

shell32

gdi32

user32

comdlg32

kernel32

advapi32

Sections

.text Size: 121KB - Virtual size: 121KB

.data Size: 266KB - Virtual size: 265KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 121KB - Virtual size: 121KB

.data
Size: 266KB - Virtual size: 265KB

.rsrc
Size: 6KB - Virtual size: 6KB