1f5cc0934c69394573e34be53dc41e54_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1f5cc0934c69394573e34be53dc41e54_JaffaCakes118
Size

236KB
MD5

1f5cc0934c69394573e34be53dc41e54
SHA1

55947f243c826706cfe27470530e555190911711
SHA256

9e7580489a6e346a26ac16c42a33e1857d67801bcc4191c1303d158e52c931ae
SHA512

22b09cab12c4e08549be486a0ba7e22f914d33da3a2188d256d990d2f2da74c4be71710c87d0310bb9869493655d1e14b676fdf6c03a3023414496ae13382771
SSDEEP

3072:VHZ/peTSk1rr7XcoZrBx8IlRdtF7zYLt52RlfZoqFa52QDL3ZJ6bLiD659qkg+:VHZRe7rPXfZ/fMLb2J6DLpJ6m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1f5cc0934c69394573e34be53dc41e54_JaffaCakes118

Files

1f5cc0934c69394573e34be53dc41e54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

955b3bb02242f09b23a6927f7bea9d60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow
GetSubMenu
GetCursorPos
DestroyIcon
GetMenu
ReleaseDC
DestroyWindow
GetClientRect
SetWindowLongW
SetWindowPos
LoadIconA
DestroyMenu
OffsetRect
AdjustWindowRectEx
ShowWindowAsync
SetTimer
SetWindowTextW
MoveWindow
ClientToScreen

kernel32

FreeEnvironmentStringsA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
RtlUnwind
HeapReAlloc
GetEnvironmentStrings
GetCurrentThread
GetVersionExA
VirtualAlloc
Sleep
GetProcAddress
LoadLibraryA
GetCommandLineA
HeapFree
InterlockedDecrement
DeleteCriticalSection
ExitProcess
TerminateProcess
FreeLibrary
GetOEMCP
InterlockedExchange
EnterCriticalSection
HeapAlloc
ResetEvent
InitializeCriticalSection
SetConsoleCtrlHandler
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
SetEnvironmentVariableA
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
FatalAppExitA

shlwapi

SHDeleteValueW

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

955b3bb02242f09b23a6927f7bea9d60

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 160B

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 160B