5cd3f4703e1e00390f03e1d424825b60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cd3f4703e1e00390f03e1d424825b60_JaffaCakes118
Size

2.0MB
MD5

5cd3f4703e1e00390f03e1d424825b60
SHA1

cfd93e29a88258cc6e6129ca09286bb3d62a9023
SHA256

70abb0b4919743243f5186b1bf3d27f75ceb222c76709b7997c55e2a2fa6248f
SHA512

c1fd286f64edd97ac191bb890c7a7f9f028bd3edee84d5523ed0b5e27a6056fa922ca9740a90b0b12024e240e121dc0777b9fe271f0c6da6713db2a760338ab1
SSDEEP

49152:O6NmZcNzAhiPmmnPDsPGmt4SMjeMVwmFG:O1cxAhiP/oPGmt5M1G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cd3f4703e1e00390f03e1d424825b60_JaffaCakes118

Files

5cd3f4703e1e00390f03e1d424825b60_JaffaCakes118
.exe windows:5 windows x86 arch:x86

34635dcad3261d5d87958f95824dc035

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetW
ImageList_Add
ord17
ImageList_Destroy
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_Create
InitCommonControlsEx
ImageList_Draw

setupapi

SetupDecompressOrCopyFileW
SetupGetFileCompressionInfoA
SetupGetFileCompressionInfoW
SetupGetBinaryField

kernel32

GetDriveTypeW
GetQueuedCompletionStatus
GlobalLock
InterlockedExchange
GetDiskFreeSpaceA
PostQueuedCompletionStatus
LeaveCriticalSection
DuplicateHandle
ReleaseMutex
CreateIoCompletionPort
lstrcmpiA
SearchPathA
FlushFileBuffers
IsValidCodePage
ResetEvent
RaiseException
FormatMessageW
ResumeThread
CreateThread
GetTimeFormatA
GetVolumeInformationW
GetExitCodeThread
FindResourceExW
SetEndOfFile
GetTimeZoneInformation
CreateDirectoryA
OpenProcess
GetSystemInfo
SetCurrentDirectoryW
GetShortPathNameA
GetTempPathA
GetExitCodeProcess
EnterCriticalSection
GetFileAttributesA
FindNextFileA
RemoveDirectoryA
GlobalFlags
GetSystemDirectoryW
CreateMutexW
CompareFileTime
GetDateFormatA
GetConsoleCP
GetVersion
GetModuleHandleW
GetProcAddress
GetModuleHandleA
LoadLibraryA
SetLastError
IsBadReadPtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
GetStringTypeW
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
LockFile
FindClose
FindFirstFileA
GetBinaryTypeW
MulDiv
SizeofResource
GetCurrentThreadId
GetTickCount
GetACP
GetSystemTimeAsFileTime
FreeLibrary
CreateFileMappingA
CloseHandle
GetVersionExA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
TerminateThread

user32

GetSystemMenu
MoveWindow
GetSystemMetrics
ClientToScreen
CreateWindowExW
GetWindowLongA
TranslateMessage
CreatePopupMenu
LoadStringW
EmptyClipboard
SetClassLongW
GetKeyState
SetWindowPos
CharLowerBuffW
LoadAcceleratorsW
DrawTextA
MessageBoxIndirectA
TrackPopupMenu
AppendMenuW
GetMessagePos
GetClientRect
SendMessageW
DestroyMenu
DispatchMessageW
DestroyWindow
GetClassInfoExW
EndDialog
SetCursor
GetParent
TranslateAcceleratorW
CharNextW
LoadBitmapA
CheckDlgButton
IsWindowEnabled
SendMessageTimeoutA
SetWindowLongW
GetSysColor
RegisterClassExW
GetWindowThreadProcessId
EnumChildWindows
DefWindowProcW
TrackPopupMenuEx
EndPaint
IsWindowVisible
InvalidateRect
GetWindowLongW
LoadMenuW
BeginPaint
ReleaseDC
SetClipboardData
CheckMenuRadioItem
SetFocus

advapi32

AllocateLocallyUniqueId
GetSidSubAuthority
RegCloseKey
RegQueryValueExW
FreeSid
RegEnumKeyExW
RegOpenKeyW
EqualSid
RegDeleteKeyW
RegEnumValueW
InitializeSid
RegCreateKeyExW
RegQueryInfoKeyW
IsValidSid
RegEnumKeyW
RegDeleteValueW
RegQueryValueW
RegOpenKeyExW
AllocateAndInitializeSid

Sections

.text
Size: 792KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34635dcad3261d5d87958f95824dc035

Headers

File Characteristics

Imports

comctl32

setupapi

kernel32

user32

advapi32

Sections

.text Size: 792KB - Virtual size: 788KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 244KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 792KB - Virtual size: 788KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 244KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 8KB - Virtual size: 7KB