05273a2735ca69c4b731fc518f811ba0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05273a2735ca69c4b731fc518f811ba0_JaffaCakes118
Size

335KB
MD5

05273a2735ca69c4b731fc518f811ba0
SHA1

8bd4a47f62e3622099fda1cd5ec2322817e065a0
SHA256

db8638b98eb22c5c96551e0eeecdda9bdf1596f8e59612f05ed1ecb19f6e331d
SHA512

be71917828c7ebeac9f4213c48a28a739c1205f08aaba4d7c9a0ce6ce56be0226e7b69a744489a79785b0f8014f15811761891c52e9251f8eb3d5a707cfaffdc
SSDEEP

6144:ThI4i3Tw+aNH6ENePFxpoEEAFOIB2zwNs+wAk+eDM9UPkgZMisP4Ry:TBi3T00bbpoE3OS2E6R2UMUsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05273a2735ca69c4b731fc518f811ba0_JaffaCakes118

Files

05273a2735ca69c4b731fc518f811ba0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae28512f2dda1316ba960679527a8b5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

SetConsoleTitleW
FlushFileBuffers
HeapReAlloc
WriteConsoleW
SetStdHandle
RaiseException
GetStringTypeW
MultiByteToWideChar
LCMapStringW
RtlUnwind
HeapSize
Sleep
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetLastError
GetSystemTimeAsFileTime
CloseHandle
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetFileType
SetHandleCount
GetModuleFileNameW
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LocalAlloc
GetConsoleWindow
HeapCreate
GetProcAddress
HeapAlloc
FreeLibrary
CreateFileA
GetFileSize
GetProcessHeap
GetCPInfo
ReadFile
LoadLibraryW
CreateFileW
HeapFree
GetModuleHandleA
GetCurrentProcessId
LoadLibraryA
EnterCriticalSection
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection

user32

CreateWindowExA
BeginPaint
GetForegroundWindow
IsWindowVisible
GetWindow
SetActiveWindow
GetWindowTextA
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
ShowWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA
GetClassInfoExW
GetDlgItem
GetWindowRect
ScreenToClient
GetDC
MoveWindow
DefWindowProcA
InvalidateRect
DrawTextW
EndPaint
PostQuitMessage
MessageBoxW
GetClassNameW
FindWindowA
SetWindowTextA
MessageBoxA
OpenClipboard
EmptyClipboard
CopyImage
SetClipboardData
CloseClipboard
LoadImageA
GetSystemMetrics
LoadBitmapA
SendMessageA
GetWindowLongA
SetWindowLongA
GetClientRect

gdi32

SelectObject
MoveToEx
LineTo
SetTextColor
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
CreatePatternBrush
DeleteObject
CreatePen

shell32

SHParseDisplayName
SHGetFolderPathW

netapi32

NetGetJoinInformation

comctl32

ImageList_Create
ord17
ImageList_AddMasked

uxtheme

OpenThemeData

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae28512f2dda1316ba960679527a8b5e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

netapi32

comctl32

uxtheme

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 12KB

.bdata Size: 199KB - Virtual size: 199KB

.udata Size: 18KB - Virtual size: 17KB

.ddata Size: 4KB - Virtual size: 4KB

.rsrc Size: 23KB - Virtual size: 23KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 12KB

.bdata
Size: 199KB - Virtual size: 199KB

.udata
Size: 18KB - Virtual size: 17KB

.ddata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 5KB - Virtual size: 5KB