5df9698440cddb16b3eb1b8257b6cc6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5df9698440cddb16b3eb1b8257b6cc6a_JaffaCakes118
Size

840KB
MD5

5df9698440cddb16b3eb1b8257b6cc6a
SHA1

fd2bf274573827f2310432a5bd3d9da04ff7f2a7
SHA256

5e86bb3219dc28e2939b6135102e44c39f3408e2e39491e8fba2061a09389d5c
SHA512

010ea29edf824eedc55ccdcd9c348691e98238e5b866bffea14b5c568dc65dee7cbcc10971eb721f3447c0f41dc2b50d3bd02a8721daf307535d850df22a8e5a
SSDEEP

24576:no4tOIv3OgaNSz7wbzlhvA1iaYIXhGtjTdj6:o4kIrG2MbfsCjTdO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5df9698440cddb16b3eb1b8257b6cc6a_JaffaCakes118

Files

5df9698440cddb16b3eb1b8257b6cc6a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd428a86026d532d1417ed9a6ecc9c4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowDC
DefWindowProcW
DestroyWindow
DeferWindowPos
EndDeferWindowPos
CreateDialogParamW
EndDialog
SetDlgItemTextW
GetDlgCtrlID
CharNextW
GetCursorInfo
GetMonitorInfoW
DrawIconEx
LoadImageW
LoadCursorFromFileW
LoadBitmapW
InflateRect
SetWindowTextW
ReleaseDC
DispatchMessageW
GetDC
SetForegroundWindow
GetMenuItemInfoW
InsertMenuW
GetMenuItemID
CreateMenu
GetMenuState
GetKeyboardType
GetActiveWindow

advapi32

RegCloseKey
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteValueW

uxtheme

IsThemeBackgroundPartiallyTransparent
GetThemeColor
SetWindowTheme
GetThemePartSize

crypt32

CertFindExtension
CertFreeCTLContext
CertGetCertificateContextProperty
CryptExportPublicKeyInfo
CryptMsgUpdate
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptEncodeObjectEx
CryptAcquireCertificatePrivateKey
CryptHashPublicKeyInfo
CryptQueryObject
CryptProtectData
CertOpenStore
CertGetCertificateChain

wininet

InternetCrackUrlW
InternetSetOptionW
HttpAddRequestHeadersW
HttpSendRequestW

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
HeapFree
TlsFree
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapAlloc
HeapSize
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetProcAddress
LocalFree
VirtualAlloc
VirtualFree
HeapReAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
WriteFile
SetEndOfFile
FindClose
CreateFileW
GetCommState
MulDiv
GetSystemTime
GetLocalTime
FormatMessageW
CreateMutexW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
GetStartupInfoW
GetTempPathW
GetDiskFreeSpaceW
DeleteFileW
FindNextFileW
BuildCommDCBW
QueryPerformanceCounter
IsValidCodePage
GetACP
WideCharToMultiByte
GetLocaleInfoW
GetThreadLocale
GetStringTypeW
GetConsoleWindow
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentProcessId

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 753KB - Virtual size: 753KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd428a86026d532d1417ed9a6ecc9c4a

Headers

File Characteristics

Imports

user32

advapi32

uxtheme

crypt32

wininet

kernel32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 753KB - Virtual size: 753KB

.data Size: 12KB - Virtual size: 7.1MB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 753KB - Virtual size: 753KB

.data
Size: 12KB - Virtual size: 7.1MB