5c595e6e7a518e6e59781233b9f0a0fa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c595e6e7a518e6e59781233b9f0a0fa_JaffaCakes118
Size

6.0MB
MD5

5c595e6e7a518e6e59781233b9f0a0fa
SHA1

58f9482895a688ae3acff3e6f1f72351025dbafb
SHA256

63a12d00df51a39449cdd29f34ca128bad0d39852783b8ad1fbcfad23f74325d
SHA512

a17e18528d9083366c3b87e9b5fca2021d05fa1afad9a01859f5af325d5040ecebbf65cd8a1751153dbf8e90682addb789ebb9832c287c6db94a4513e623786d
SSDEEP

98304:Rj0roU/xc9qrYL0hQgQAAQQxDZU62y7MsUwzEIdbGMlUq72fCsVoDxXioQ6Q3P:Rj0roU/O9kC0CGDYUxIdp72fQX8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c595e6e7a518e6e59781233b9f0a0fa_JaffaCakes118

Files

5c595e6e7a518e6e59781233b9f0a0fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

514a2c28f06689305ed62a0798aff998

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThreadId
DecodePointer
GetCommandLineW
HeapDestroy
HeapSize
HeapReAlloc
SizeofResource
HeapAlloc
GetProcessHeap
CloseHandle
WaitForSingleObject
CreateEventW
Sleep
GetCurrentProcess
FlushInstructionCache
SetLastError
LockResource
GetSystemInfo
HeapFree
MultiByteToWideChar
GetModuleFileNameA
GetFileSize
FindResourceExW
GetModuleHandleA
LoadLibraryW
LoadLibraryA
GetLastError
CreateFileW
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
SetConsoleCtrlHandler
FatalAppExitA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
CreateSemaphoreW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
InterlockedIncrement
EnterCriticalSection
RaiseException
LeaveCriticalSection
lstrcmpiW
GetModuleHandleW
GetProcAddress
FreeLibrary
InterlockedDecrement
SetEvent
VirtualProtect
TlsAlloc
TerminateProcess
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
IsDebuggerPresent
OutputDebugStringW
EncodePointer
CreateThread
ExitThread
RtlUnwind
GetCurrentThread
ExitProcess
GetModuleHandleExW
AreFileApisANSI
WideCharToMultiByte
GetStdHandle
WriteFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualQuery

user32

SetWindowPos
MapWindowPoints
GetClientRect
GetParent
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
GetWindow
EndDialog
GetActiveWindow
CharNextW
DefWindowProcW
SendDlgItemMessageW
SetWindowLongW
DialogBoxParamW
UnregisterClassW
DestroyWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW

ole32

CoTaskMemAlloc
CoCreateInstance
CoInitialize
StringFromGUID2
CoTaskMemRealloc
CoRegisterClassObject
CoResumeClassObjects
CoRevokeClassObject
CoUninitialize
CoSuspendClassObjects
CoTaskMemFree

oleaut32

UnRegisterTypeLi
SysStringLen
RegisterTypeLi
SysFreeString
LoadTypeLi
SysAllocString
VarUI4FromStr

advapi32

RegDeleteKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

comctl32

InitCommonControlsEx

gdiplus

GdiplusShutdown

gdi32

DeleteDC

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 610KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data0.txt
data1748814.rtf
data2607577.xls
data865134.pdf

Sharing

General

Malware Config

Signatures

Files

514a2c28f06689305ed62a0798aff998

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

advapi32

comctl32

gdiplus

gdi32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 353KB - Virtual size: 352KB

.data Size: 6KB - Virtual size: 19KB

.rsrc Size: 3.3MB - Virtual size: 3.3MB

.reloc Size: 70KB - Virtual size: 610KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 353KB - Virtual size: 352KB

.data
Size: 6KB - Virtual size: 19KB

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

.reloc
Size: 70KB - Virtual size: 610KB