5d0c5ed668d88e1f89f689b70777342b_JaffaCakes118

General

Target

5d0c5ed668d88e1f89f689b70777342b_JaffaCakes118
Size

108KB
MD5

5d0c5ed668d88e1f89f689b70777342b
SHA1

add1baeae6b3e4bd97c12a6a1118db7e9c4915f0
SHA256

1f87acb7899483e3a0a5e344baf7303ca99f8900966c5262cb4365c33df8dab8
SHA512

58c0fd28b130f7efc98aee3f38ffaf975503026b87e69c909b10b66d5bb79fb0f504c7331c30de200ea4fc34823a74dcf9d2e2d977b6b10f7dfcbfffac18e813
SSDEEP

3072:zro3jaW1GiAGqE+13I1j5C842YN332y3RUMzT:zvut+qZ4842SnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5d0c5ed668d88e1f89f689b70777342b_JaffaCakes118

Files

5d0c5ed668d88e1f89f689b70777342b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7e58b50b34af975487e8499a6bd83a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

toupper

gdi32

SelectClipPath
SetRectRgn
CreateDiscardableBitmap

shlwapi

GetMenuPosFromID
UrlCompareW

rasapi32

RasHangUpA

advapi32

InitializeSecurityDescriptor
WriteEncryptedFileRaw
RegEnableReflectionKey

oleaut32

UnRegisterTypeLi

kernel32

SetThreadPreferredUILanguages
SetCurrentConsoleFontEx
FindFirstFileNameW
CloseHandle
ConvertFiberToThread
LocalFileTimeToFileTime
SetTimeZoneInformation
GetCommandLineA
LoadLibraryW
DisconnectNamedPipe
FindAtomA
CreateConsoleScreenBuffer
FindVolumeMountPointClose
SetFileApisToOEM

msvcrt

fprintf
fwrite
putc

user32

GetKeyState
GetLastInputInfo
TileWindows
SetForegroundWindow
DrawIconEx
CharNextW
RegisterHotKey
LockWorkStation
LoadCursorFromFileA
DlgDirListW
MessageBoxIndirectA
GetWindowModuleFileNameW
GetDlgItemTextW
GetScrollPos
GetWindowRect
WindowFromPoint
GetMenuInfo
SetCursor

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7e58b50b34af975487e8499a6bd83a2

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

gdi32

shlwapi

rasapi32

advapi32

oleaut32

kernel32

msvcrt

user32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 48KB - Virtual size: 49KB

.pdata Size: 16KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 48KB - Virtual size: 49KB

.pdata
Size: 16KB - Virtual size: 12KB