5dccc9e8a90bc1a54d34fcf1eacdbede_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5dccc9e8a90bc1a54d34fcf1eacdbede_JaffaCakes118
Size

1.1MB
MD5

5dccc9e8a90bc1a54d34fcf1eacdbede
SHA1

5559cd656d9c8cff82de4f8a702a81e3c331b981
SHA256

2280e97c657500511881126db5dfd4fd4ebd97bcae3da1975052861d7e47a2dc
SHA512

019140255415d003b24d85602de460f4ec52942b6aa90bfa38198bebd96666921e07f4b9f02d2da54ddf462fedb9f3f25cf3af61216a16d597b4f0a845bd4956
SSDEEP

24576:4ohgENNEfAJDYBOHdLO0cyUGSw2SccP3jyG1M2tGVnIYz:4OLNN16YlO0ccIcPzy2tGVIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dccc9e8a90bc1a54d34fcf1eacdbede_JaffaCakes118

Files

5dccc9e8a90bc1a54d34fcf1eacdbede_JaffaCakes118
.exe windows:5 windows x86 arch:x86

59c4a807be7ad14de3aa68741c28449b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptQueryObject
CertNameToStrW
CryptHashCertificate
CertSetCertificateContextProperty
CertFreeCertificateContext
CryptEncodeObject
CertEnumCertificatesInStore
CryptEnumOIDInfo
CryptFindOIDInfo

kernel32

CompareStringW
WideCharToMultiByte
IsValidCodePage
CreateFileW
GetTempPathW
ExpandEnvironmentStringsW
GetModuleHandleW
FormatMessageW
FileTimeToLocalFileTime
CloseHandle
GetFileType
ReleaseSemaphore
GetLastError
GetCurrentThreadId
ExitProcess
GetCurrentProcess
VirtualAlloc
GetVersionExW
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapAlloc
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW

comctl32

ord17
ImageList_Create
ImageList_Add
ImageList_Draw
ImageList_AddMasked
ImageList_DrawEx
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
CreateStatusWindowW
ImageList_GetIconSize
ImageList_Write
ImageList_DragShowNolock
CreatePropertySheetPageW

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yieu
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

59c4a807be7ad14de3aa68741c28449b

Headers

File Characteristics

Imports

crypt32

kernel32

comctl32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 6.8MB

.yieu Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 6.8MB

.yieu
Size: 1.0MB - Virtual size: 1.0MB