5d23c780b836dc9931f5c41f945cc6db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d23c780b836dc9931f5c41f945cc6db_JaffaCakes118
Size

854KB
MD5

5d23c780b836dc9931f5c41f945cc6db
SHA1

7245d104f79c7256109d1239d3c6a01a9bb00ada
SHA256

12167ec1ab4bac4ff49d85adc321173b4ea4bf07d84174112e6e67ce67214e67
SHA512

e5b6bef8d94be1277c0435cec517885434db0066c41e2ef4d87762cc12283df3c31f3bff1fbae4b3c3fd98c386a37d447d16e51691df0ccc682cb9b9a5498874
SSDEEP

12288:cZ0yV+wJXyAEB7bQflUPbnPURv9OsrmqTJ4621jo5UpsqlT/udgu0d1J/OE:g+cCAMLPbPURvS4WfdoTc/Igu0d/m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d23c780b836dc9931f5c41f945cc6db_JaffaCakes118

Files

5d23c780b836dc9931f5c41f945cc6db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

96574cfd3c97af935cab5bfa1a346ea5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlUnescapeW
UrlIsW
PathStripPathW
PathRemoveBlanksW
PathIsNetworkPathW
PathIsUNCW
UrlEscapeW
PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathCombineW
PathBuildRootW
PathAppendW
SHStrDupW
SHDeleteEmptyKeyW
SHDeleteKeyW
SHGetValueW
PathIsRootW
StrCmpIW
StrTrimW
StrToIntExW
StrStrW
StrCmpNW
StrChrW

kernel32

GetFileType
GetStdHandle
GetProcessHeap
GetModuleHandleExW
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
RtlUnwind
GetProcAddress
GetVersion
GlobalUnlock
LocalAlloc
LocalLock
VirtualAlloc
HeapAlloc
GetCurrentProcess
ExitProcess
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFiberEx
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
GetFileSize
FindClose
EncodePointer
MulDiv
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
lstrcmpW
CreateMutexW
CreateEventW
CreateFileMappingW
GetModuleFileNameW
GetModuleHandleW
ExpandEnvironmentStringsW
GetFileAttributesW
FindFirstFileW
MoveFileWithProgressW
CancelIo
QueryPerformanceCounter
IsValidCodePage
GetACP
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
GetUserDefaultLCID
GetStringTypeW
GetConsoleWindow
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
OutputDebugStringW
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
CloseHandle
GetOEMCP
HeapFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
WriteFile
GetStartupInfoW
CreateFileW
DecodePointer

user32

ScrollWindow
ActivateKeyboardLayout
GetKeyboardLayoutList
DrawEdge
DrawFrameControl
SystemParametersInfoW
TranslateMDISysAccel
GetScrollInfo
IsDialogMessageW
LoadBitmapW
GetWindow
GetParent
EqualRect
FrameRect
WindowFromPoint
ShowCaret
CreateCaret
GetCursor
ShowCursor
GetWindowTextW
GetScrollRange
ReleaseDC
SetActiveWindow
DrawTextW
SetMenuItemInfoW
GetMenuItemInfoW
AppendMenuW
GetMenuItemID
DestroyMenu
GetSystemMenu
EnableWindow
GetActiveWindow
GetClipboardOwner
CreateDialogParamW
EndDeferWindowPos
MoveWindow
PostThreadMessageW
GetMessageW

comctl32

ImageList_Create
ImageList_SetImageCount
ImageList_Add
ImageList_ReplaceIcon
ImageList_Draw
ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
CreateToolbarEx
ImageList_Write

wintrust

WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle
WTHelperGetProvSignerFromChain

shell32

SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
DragAcceptFiles

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96574cfd3c97af935cab5bfa1a346ea5

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

comctl32

wintrust

shell32

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 753KB - Virtual size: 753KB

.data Size: 13KB - Virtual size: 7.1MB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 753KB - Virtual size: 753KB

.data
Size: 13KB - Virtual size: 7.1MB