5c63a2bd8f774c458d31c9312b96540e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c63a2bd8f774c458d31c9312b96540e_JaffaCakes118
Size

923KB
MD5

5c63a2bd8f774c458d31c9312b96540e
SHA1

526f60ac15d1f3322d601ab904369d451ccec48d
SHA256

222f0a5e5c7f646a84134114bc9c29d0d18a93dbd984a28e6e4eff9137de4d0c
SHA512

4f5a3097e7f5d3b65397d7fe0540a2f606729d9a5e7dff2c63ea1967ebc15900d8b4860e2771bc1c1304426e0586fd6bac40d1621076d881b075d1bcbc1e4c3a
SSDEEP

12288:ba/ozsRtAPMUJznSswUXGzywIZYQOVQCsxd/t5p0yeJCT8qvU92yluNtHn:GozsDSd/ipVsjPjeUT8qv0lWHn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c63a2bd8f774c458d31c9312b96540e_JaffaCakes118

Files

5c63a2bd8f774c458d31c9312b96540e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

68642354e5f3fdeb1a6728058c53057b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarBoolFromStr
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayPtrOfIndex
VariantInit
VariantClear
VariantCopy
CreateErrorInfo
GetErrorInfo
SetErrorInfo
RegisterTypeLi
LoadTypeLi
SafeArrayRedim
VarBstrFromBool
VarBstrFromDate
VarDateFromStr
VarR8FromStr
VarI4FromStr
VariantCopyInd

wintrust

CryptCATAdminReleaseCatalogContext
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust

kernel32

HeapAlloc
HeapFree
HeapSize
GetCurrentProcessId
ExitProcess
GetCurrentThreadId
GetLastError
EnterCriticalSection
WaitForSingleObject
SetHandleCount
GetStdHandle
WriteFile
SetEndOfFile
SetFilePointer
VirtualAlloc
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
CreateProcessW
GetCommandLineW
FindResourceExW
GetSystemDirectoryW
GetTempPathW
FindNextFileW
GetThreadLocale
GetOEMCP
GetACP
GlobalUnlock
GlobalLock
GetVersion
GetProcAddress
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
GetStringTypeW
CreateFileW
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LeaveCriticalSection
IsValidCodePage

uxtheme

GetThemePartSize

comctl32

ImageList_EndDrag
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
CreateToolbarEx
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Write
ImageList_GetDragImage
ImageList_DragMove
ImageList_DragLeave
ImageList_Copy
ImageList_GetIcon
ImageList_DrawEx
ImageList_AddMasked
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Create
InitCommonControlsEx
ord17
DestroyPropertySheetPage
CreatePropertySheetPageW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oeot
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.98te4e
Size: 270KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68642354e5f3fdeb1a6728058c53057b

Headers

File Characteristics

Imports

oleaut32

wintrust

kernel32

uxtheme

comctl32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 7.0MB

.oeot Size: 560KB - Virtual size: 559KB

.98te4e Size: 270KB - Virtual size: 271KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 7.0MB

.oeot
Size: 560KB - Virtual size: 559KB

.98te4e
Size: 270KB - Virtual size: 271KB