5dea2c7b6cae24417338e05c413a68ea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5dea2c7b6cae24417338e05c413a68ea_JaffaCakes118
Size

156KB
MD5

5dea2c7b6cae24417338e05c413a68ea
SHA1

e18d1626921973091d6d2ca779bd5cc8c87e9540
SHA256

2f1a154d4bd23ecbaf65f9181f674931cefc4789b60d1d153785d448c41da07a
SHA512

046826d26f01667c02abff2435ddb7d9b37ea5e2f5b9650dc971fb9c825f7585ebdb87f29978be5a6eb4e3f1129fb541c6a6b6bcd6b8de963b3ec6b6805e5fce
SSDEEP

3072:XAScm9qAw/fmQ2qIIjVNQZbiUoATns9XKWkQVYQ0dh+6y:wG9+mQ2qIIjfEHs7kQVYQ0dh+p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dea2c7b6cae24417338e05c413a68ea_JaffaCakes118

Files

5dea2c7b6cae24417338e05c413a68ea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d2718f8ae1e432e89b19b98c66563102

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_GetIconSize
CreateToolbarEx
ImageList_AddMasked
ImageList_SetIconSize
ImageList_LoadImageW
ImageList_Read
ImageList_GetIcon
CreateStatusWindowW
ImageList_Remove
ImageList_Create
ImageList_Destroy

msvcrt

strtoul
free
clock
isdigit
wcsstr
gets
wprintf
fgetwc
wcstok
fputws
towupper
mbtowc

user32

DestroyMenu
IntersectRect
IsDlgButtonChecked
HideCaret
PeekMessageA
DrawTextW
GetWindowLongA
CallWindowProcW
LoadBitmapA
GetSubMenu
GetScrollRange
DefWindowProcA
LoadIconA
GetMenu
GetClassLongW
DrawMenuBar

gdi32

GetTextFaceW
GetDeviceCaps
RoundRect
RectVisible
CreateFontIndirectW
EnumFontsW
SetPaletteEntries
SetTextColor
CreatePolygonRgn
GetObjectW
LineDDA
GetTextExtentPointA
SetPixel
RestoreDC
SetLayout
CreateRectRgn

kernel32

GetModuleHandleA
SetFileAttributesA
LoadLibraryExW
GlobalAddAtomA
GlobalHandle
RemoveDirectoryA
LockFile
GetEnvironmentStrings
ExpandEnvironmentStringsW
TlsGetValue
SizeofResource
MoveFileExA
GlobalLock
GetThreadContext
SetLocalTime
LocalAlloc
DeleteFileA

winspool.drv

ord203
EnumPortsW

Exports

Exports

_IwTig_Inx_ns@12
_XkU_oUvU_jjnL_h@12
_PkJl_nutzk_ebe@8

Sections

.icode
Size: 4KB - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2718f8ae1e432e89b19b98c66563102

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

msvcrt

user32

gdi32

kernel32

winspool.drv

Exports

Exports

Sections

.icode Size: 4KB - Virtual size: 308KB

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 7KB - Virtual size: 7KB

.vars Size: 512B - Virtual size: 512B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 5KB - Virtual size: 4KB

.icode
Size: 4KB - Virtual size: 308KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 7KB - Virtual size: 7KB

.vars
Size: 512B - Virtual size: 512B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 5KB - Virtual size: 4KB