5b3eb3b67228e2f5ca28cc59c86ace9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b3eb3b67228e2f5ca28cc59c86ace9f_JaffaCakes118
Size

2.7MB
MD5

5b3eb3b67228e2f5ca28cc59c86ace9f
SHA1

5b002ea6f62c1547b3c5109156506e06933c10da
SHA256

7c991055467b77dc980061d23d7b03646db95b320191962bcfe12ecd20229b12
SHA512

71c3f0f96006e2cff419dbbf37df20044112d2cedd4e9c86643de08cac12ba1d7b4606aa92cffdda6acc98108f531c444d111538c91e3d169afb74d12e0ecf53
SSDEEP

12288:X1REn5HgW6uJ632/pgIFmZ+xiKQhnv1nsPDiglJA/tgDXFwpGJajNGC3pIHbr1QS:X1jqi+3D16/tUXNs13W7h8fSaUIxUi0F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b3eb3b67228e2f5ca28cc59c86ace9f_JaffaCakes118

Files

5b3eb3b67228e2f5ca28cc59c86ace9f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4e3c7d087aea8a126dc0f2d8710a1506

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_Draw
ImageList_Replace
ImageList_AddMasked
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Remove
ImageList_LoadImageW
InitCommonControlsEx
ImageList_EndDrag
ImageList_DragEnter
ImageList_SetDragCursorImage
ImageList_GetDragImage
ImageList_Read
ImageList_Write
ImageList_GetIconSize
CreateToolbarEx
_TrackMouseEvent
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Copy
CreatePropertySheetPageW

advapi32

RegSetValueExW

kernel32

GetConsoleWindow
EnumDateFormatsExW
FindNextFileW
GetTempPathW
EnumResourceNamesW
OutputDebugStringW
ExpandEnvironmentStringsW
GetProcessVersion
GetModuleFileNameW
lstrcmpW
FileTimeToLocalFileTime
SystemTimeToFileTime
EscapeCommFunction
GetFileSize
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
ResetWriteWatch
VirtualAlloc
GlobalAlloc
SetFileValidData
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CreateFileW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

crypt32

CryptBinaryToStringW
CertFreeCertificateChain
CertGetNameStringW
CertNameToStrW
CryptHashPublicKeyInfo
CryptExportPKCS8
CertFindExtension
CryptHashCertificate
CertControlStore
CertAddStoreToCollection
CertAddCertificateContextToStore
CertFreeCRLContext
CertSetCertificateContextProperty
CertOpenStore
CryptMsgClose
CryptEnumOIDInfo
CryptDecodeObject
CryptEncodeObject
CryptEncodeObjectEx

user32

DdeGetLastError
WinHelpW
LoadCursorFromFileW
GetTopWindow
SetWindowLongW
PtInRect
ScreenToClient
GetCursor
MessageBeep
GetScrollRange
SetScrollRange
GetDC
SetForegroundWindow
DeleteMenu
LoadAcceleratorsW
IsWindowEnabled
SetTimer
GetFocus
CharUpperW
GetPriorityClipboardFormat
GetDlgCtrlID
GetWindowPlacement
IsWindow
GetKeyboardLayoutList
GetWindowTextLengthW

rasapi32

RasGetEntryPropertiesW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 622KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7bk12
Size: 542KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r9r22t
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hu8ttd
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eitrw
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e3c7d087aea8a126dc0f2d8710a1506

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

crypt32

user32

rasapi32

Sections

.text Size: 106KB - Virtual size: 105KB

.data Size: 622KB - Virtual size: 7.2MB

.idata Size: 4KB - Virtual size: 4KB

.xdata Size: 1024B - Virtual size: 724B

.7bk12 Size: 542KB - Virtual size: 542KB

.r9r22t Size: 523KB - Virtual size: 523KB

.hu8ttd Size: 421KB - Virtual size: 420KB

.eitrw Size: 446KB - Virtual size: 446KB

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 106KB - Virtual size: 105KB

.data
Size: 622KB - Virtual size: 7.2MB

.idata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 1024B - Virtual size: 724B

.7bk12
Size: 542KB - Virtual size: 542KB

.r9r22t
Size: 523KB - Virtual size: 523KB

.hu8ttd
Size: 421KB - Virtual size: 420KB

.eitrw
Size: 446KB - Virtual size: 446KB

.rsrc
Size: 100KB - Virtual size: 100KB