Static task: static1
Behavioral task: behavioral1
Sample: 5db926e062d3132c25027800a263c6dd_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 5db926e062d3132c25027800a263c6dd_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 5db926e062d3132c25027800a263c6dd_JaffaCakes118
Size: 837KB
MD5: 5db926e062d3132c25027800a263c6dd
SHA1: fb9ca589bb289ab63eb162a8351984e70f54b6ba
SHA256: b2a99a5ad7c8901b6cc935f80716e84629a40653ba0761f95adc5044913ade51
SHA512: 5e2a6b470d725a8c757847fc666df81211042bb87898378a053c31bd470f1f0c5fee4ba250d5cf0e4bdcc6412a48c19cef75564a6e66b5b17f8cab28145257a4
SSDEEP: 24576:s6WN5wRUOVBcTv4MSkcyAwCd0vDGGCX2c:jOv4TGAw68u
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5db926e062d3132c25027800a263c6dd_JaffaCakes118
Files
5db926e062d3132c25027800a263c6dd_JaffaCakes118.exe windows:5 windows x86 arch:x86
c83014d602a9fb453d842f3ebaa75ece
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winspool.drv
ConfigurePortW
user32
DdeConnect
InflateRect
FrameRect
ScreenToClient
DestroyCaret
GetDC
crypt32
CryptEncodeObject
CertFreeCertificateContext
CertAddEncodedCertificateToStore
CertFreeCTLContext
CertControlStore
CryptHashPublicKeyInfo
CertGetNameStringW
CertGetCertificateChain
CryptBinaryToStringW
CryptDecodeObject
kernel32
CloseHandle
GetCommProperties
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageW
lstrcmpiW
WriteFileGather
GetModuleHandleW
GetCommandLineW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetFileAttributesW
BindIoCompletionCallback
OpenJobObjectW
GetACP
GetCPInfo
WideCharToMultiByte
LCMapStringW
GetStringTypeW
GetConsoleWindow
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GlobalLock
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetFileShortNameW
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetVersion
GetProcAddress
ReadFile
WriteFile
GetFileSize
LoadResource
WaitForMultipleObjects
GetLastError
GetCurrentThreadId
GetEnvironmentStringsW
VirtualAlloc
LocalFree
UnhandledExceptionFilter
comctl32
FlatSB_SetScrollProp
FlatSB_SetScrollPos
_TrackMouseEvent
CreateStatusWindowW
CreateToolbarEx
ImageList_GetImageInfo
ImageList_Write
ImageList_DragMove
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_Remove
ImageList_DrawEx
ImageList_AddMasked
ImageList_Replace
ImageList_Draw
ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_GetImageCount
ord17
PropertySheetW
ImageList_DragLeave
Sections
.text Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 7.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ao38 Size: 756KB - Virtual size: 756KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ