5aa427aa9db6feca958e9e2ed8dbdc85_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5aa427aa9db6feca958e9e2ed8dbdc85_JaffaCakes118
Size

116KB
MD5

5aa427aa9db6feca958e9e2ed8dbdc85
SHA1

2328a54563031fd906f4a71567889f0b18bfadf4
SHA256

561e3f261e1af95d176b7b295312edcfd7fe1ff44c94e5f5a703fddf3c6e5c74
SHA512

8e470af965584405e0940695e7ab8790f768403c2a6607a6df0dff6fa1eab218d72a84106b0f74dcd3219b027bf6c86e4093c23306e4393c54d5ac258c0c5afc
SSDEEP

3072:cChC6NAN/FuTmngEyyIVVofmAS8n34aQSxyT9:c0CTN/gTagEyxijDILS8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5aa427aa9db6feca958e9e2ed8dbdc85_JaffaCakes118

Files

5aa427aa9db6feca958e9e2ed8dbdc85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cce7bbce77610b9130eb5d1f4d659541

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetProcAddress
HeapSize
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLastError
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
SetFilePointer
FlushFileBuffers
CloseHandle
LoadLibraryExA
ReadFile
GetEnvironmentStrings
WideCharToMultiByte
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
SetStdHandle

user32

DefWindowProcA
GetClientRect
InvalidateRect
DestroyWindow
BeginPaint
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
LoadIconA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
ShowWindow
GetSysColorBrush
GetSysColor
FillRect
ReleaseCapture
PtInRect
LoadCursorA
SetCursor
UpdateWindow
SetCapture
CheckRadioButton
SetDlgItemInt
GetSystemMenu
AppendMenuA
SetMenuDefaultItem
GetDC
DrawEdge
IsDlgButtonChecked
ReleaseDC
EndDialog
DialogBoxParamA

gdi32

RealizePalette
CreateHalftonePalette
SelectPalette
StretchDIBits
BeginPath
MoveToEx
LineTo
EndPath
StrokeAndFillPath
CreateBrushIndirect
Ellipse
CreatePen
Rectangle
SetROP2
CreateSolidBrush
SelectObject
SetBkColor
DeleteObject
LPtoDP
GetPixel

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce7bbce77610b9130eb5d1f4d659541

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 36KB - Virtual size: 35KB