5ea2377bbb228ca99f21e33f278f66d8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ea2377bbb228ca99f21e33f278f66d8_JaffaCakes118
Size

1.9MB
MD5

5ea2377bbb228ca99f21e33f278f66d8
SHA1

92443c127ee3b2a05e294adb39063e04f3cf0e5d
SHA256

f30abd5d0148d9e37b1651f9008af929e68b12c0ac7db956a2f61606179a7a98
SHA512

f928022199de2dd1d899883e54b94408936b2c39e556de14dab38e0eb5aa1fe990a71d688bbd98f1cf74170ab5be0d0464ac6750581ce202436ccc2b79a1ad0c
SSDEEP

24576:pvLvfClBigKnGgyjbw3MCFbOAfdxv/UWKH80:pvTvlGdbqHzv/Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ea2377bbb228ca99f21e33f278f66d8_JaffaCakes118

Files

5ea2377bbb228ca99f21e33f278f66d8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb24b4b6d512f51f07473e8cdd5869cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoW
GetKeyboardLayout
DdeFreeDataHandle
GetKeyboardLayoutList
GetScrollInfo
MapDialogRect
CreateIcon
FindWindowW
GetParent
CopyRect
SetRectEmpty
DrawFocusRect
GetCursorPos
GetWindowTextW
InvalidateRect
SetMenuDefaultItem
TrackPopupMenuEx
InsertMenuW
GetMenuItemID
CheckMenuItem
KillTimer
SetFocus
CreateDialogParamW
MoveWindow
UnregisterClassW
CallWindowProcW
TranslateMessage
CloseDesktop

advapi32

RegEnumValueW

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CloseHandle
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
EncodePointer
VirtualAlloc
GetFileTime
SetFileShortNameW
GetSystemTimeAsFileTime
FormatMessageW
FindFirstFileExW
FindNextFileW
CopyFileExW
GetACP
GetCPInfo
EnumUILanguagesW
GetOEMCP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetCommandLineW
RaiseException
CreateFileW
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW

oleaut32

VariantChangeTypeEx
SysFreeString
GetErrorInfo
RegisterTypeLi
LoadTypeLi
VarNeg
VarBoolFromStr
VarBstrFromBool
VarBstrFromCy
VarDateFromStr
VarR8FromStr
SysReAllocStringLen
VariantChangeType
VariantCopy
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate

winspool.drv

EnumFormsW

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 587KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.465hl
Size: 620KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0bnn8
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hslr0
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb24b4b6d512f51f07473e8cdd5869cc

Headers

File Characteristics

Imports

user32

advapi32

kernel32

oleaut32

winspool.drv

Sections

.text Size: 126KB - Virtual size: 126KB

.data Size: 587KB - Virtual size: 7.6MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.465hl Size: 620KB - Virtual size: 620KB

.0bnn8 Size: 200KB - Virtual size: 199KB

.hslr0 Size: 298KB - Virtual size: 298KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 126KB - Virtual size: 126KB

.data
Size: 587KB - Virtual size: 7.6MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.465hl
Size: 620KB - Virtual size: 620KB

.0bnn8
Size: 200KB - Virtual size: 199KB

.hslr0
Size: 298KB - Virtual size: 298KB

.rsrc
Size: 104KB - Virtual size: 103KB