f5a022cca855038ebbb55e9100114cc9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5a022cca855038ebbb55e9100114cc9_JaffaCakes118
Size

540KB
MD5

f5a022cca855038ebbb55e9100114cc9
SHA1

d6405339e5c359e1c74449a2e6bf9adad9d4b3d1
SHA256

4eec26991d0a8b7d6299799500936e134fcdc30b791623e4982e9e8db5eeee2b
SHA512

7495abc7b1336c2f64633df67f211df913351cf08f0b00933bd41fab84262c9fd0f9fff77d8787f44e0bd02dd170a69acda4238b796510c321f7085a7e866ac3
SSDEEP

12288:Vf3q+7pYGIF06NjgbzeruU7ovIvGEgAW5bmSckJ62A2H0qC6+SL:Vf6+7pYGIZjgbzQX3Abskon2H0qC6tL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5a022cca855038ebbb55e9100114cc9_JaffaCakes118

Files

f5a022cca855038ebbb55e9100114cc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10911988dab8e5758a99305f95c3808f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
EnumDateFormatsW
GetCurrentThreadId
SetStdHandle
OpenMutexW
GetUserDefaultLCID
GetDateFormatA
SetEnvironmentVariableA
UnhandledExceptionFilter
GetStringTypeA
GetEnvironmentStrings
WideCharToMultiByte
VirtualFree
CloseHandle
GlobalAddAtomA
CreateDirectoryExA
LCMapStringW
GetCurrentProcess
ReadFile
OpenFileMappingA
TlsFree
CompareStringW
GetProcAddress
SetFilePointer
GetCommandLineA
SetLastError
GetLocaleInfoW
GetModuleHandleA
GetOEMCP
GetSystemInfo
CreateMailslotW
OpenMutexA
VirtualAlloc
HeapAlloc
InterlockedExchange
TlsAlloc
WriteConsoleInputA
InitializeCriticalSection
GetEnvironmentStringsW
IsBadWritePtr
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetLocaleInfoA
VirtualProtect
GetExitCodeThread
LoadLibraryA
GetStdHandle
FreeEnvironmentStringsW
GetStartupInfoA
IsValidLocale
ReadFileEx
SetWaitableTimer
GetVersionExA
ExitProcess
GetModuleFileNameW
TlsSetValue
GetTimeFormatA
GetStringTypeW
GetACP
LeaveCriticalSection
HeapFree
IsValidCodePage
GetCurrentThread
FreeEnvironmentStringsA
GetFileType
GetModuleFileNameA
GetStartupInfoW
TlsGetValue
WriteConsoleInputW
LCMapStringA
EnterCriticalSection
HeapReAlloc
GetTimeZoneInformation
TerminateProcess
GetCommandLineW
WriteFile
GetLastError
CompareStringA
CreateMutexA
GetCPInfo
GetTickCount
SetConsoleMode
RtlUnwind
VirtualQuery
SetHandleCount
GetCurrentProcessId
FlushFileBuffers
DeleteCriticalSection
MultiByteToWideChar
EnumSystemLocalesA
HeapSize
HeapDestroy
IsDebuggerPresent

user32

EnumDisplaySettingsA
SetWindowWord
InvalidateRgn
GetClassInfoExA
UnregisterClassW
ChangeMenuW
DestroyWindow
RegisterClassExA
MessageBoxIndirectA
GetTitleBarInfo
RegisterClassA

comctl32

InitCommonControlsEx

advapi32

CryptHashSessionKey
AbortSystemShutdownA
RegDeleteValueA
CryptSetHashParam
CryptGetUserKey
CryptGetKeyParam
RegCreateKeyExW
CryptEnumProviderTypesA
RegOpenKeyA
GetUserNameA
LookupPrivilegeNameA
RegCloseKey
RegNotifyChangeKeyValue
CryptGenRandom
CryptGetDefaultProviderW
RegSetValueA
CryptSignHashA

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10911988dab8e5758a99305f95c3808f

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 8KB - Virtual size: 13KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 8KB - Virtual size: 13KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 3KB - Virtual size: 3KB