5c1385b0694df84045307ba0060aefe3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c1385b0694df84045307ba0060aefe3_JaffaCakes118
Size

2.5MB
MD5

5c1385b0694df84045307ba0060aefe3
SHA1

c0b056ec6d7a17d85a310c0f662e758e0be980fa
SHA256

f52f21c0ad534a6dc44b925904cac17cd926e3df6e0a53bc6f5aa692074f44fd
SHA512

6718626851ac113011c057aae239e43f59bb2fabd381b0d31409c871e0ea23398294bfa09b344699f5954a2a8ff2a19c0bc03a5175a25291dcd0e02fae423bd1
SSDEEP

24576:2CeD7lNsMtVXRU02nr6KfxTx+g5MJQPHE1mz7w/3MS2SXH:1e8q6/r6Kd+gNgmY/8UX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c1385b0694df84045307ba0060aefe3_JaffaCakes118

Files

5c1385b0694df84045307ba0060aefe3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d4450381a4d76acb11d4118bf100c1fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
VirtualAlloc
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
CloseHandle
MulDiv
CompareFileTime
FormatMessageW
LocalAlloc
CreateMailslotW
lstrcmpiW
GetModuleHandleW
GetStartupInfoW
FindResourceExW
GetDiskFreeSpaceW
GetFullPathNameW
FindNextFileW
GetCPInfo
GlobalLock
ConnectNamedPipe
GetVersion
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateFileW

advapi32

RegSetValueExW
OpenSCManagerW

user32

SystemParametersInfoW
LoadImageW
DestroyIcon
GetWindow
GetTopWindow
FindWindowExW
SetParent
CopyRect
SetRect
ScreenToClient
MessageBeep
MessageBoxW
SetPropW
SetScrollRange
GetDCEx
GetMenuItemID
CheckMenuItem
DestroyMenu
DrawMenuBar
LoadMenuW
DestroyAcceleratorTable
MsgWaitForMultipleObjects
ReleaseCapture
GetActiveWindow
SetFocus
CharPrevW
CharNextW
CharLowerW
GetNextDlgTabItem
FlashWindowEx
PostThreadMessageW
DrawEdge

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.el6vta
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gi8l79
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.efe00
Size: 642KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i9iy
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4450381a4d76acb11d4118bf100c1fa

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 241KB - Virtual size: 7.4MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.el6vta Size: 504KB - Virtual size: 503KB

.gi8l79 Size: 376KB - Virtual size: 375KB

.efe00 Size: 642KB - Virtual size: 642KB

.i9iy Size: 341KB - Virtual size: 341KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 241KB - Virtual size: 7.4MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.el6vta
Size: 504KB - Virtual size: 503KB

.gi8l79
Size: 376KB - Virtual size: 375KB

.efe00
Size: 642KB - Virtual size: 642KB

.i9iy
Size: 341KB - Virtual size: 341KB

.rsrc
Size: 363KB - Virtual size: 362KB