5dbc75b5831bc2a97a640696cf88f6f1_JaffaCakes118

General

Target

5dbc75b5831bc2a97a640696cf88f6f1_JaffaCakes118
Size

288KB
MD5

5dbc75b5831bc2a97a640696cf88f6f1
SHA1

a2a86df5336c4dadca472dbd5439293add938558
SHA256

71611e36afef36b76c4a12eaef6880c024392d6576c796ec6f91f0845bfc3c42
SHA512

2ee5d72deb5663dcd84ec8219c4eb7ef3df4cc91d017946890a66158cabce3587f3c5d32dd8cb8560c8d8832513236add7a17c8bbec9f08826995395f6f2f734
SSDEEP

6144:qSu5Fo76BG+9LBXYQsWXTaTetw7dTqGZROsPf2qF:sFo20ydXFtTawuPPf2q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dbc75b5831bc2a97a640696cf88f6f1_JaffaCakes118

Files

5dbc75b5831bc2a97a640696cf88f6f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d765e215784fcf7bc99510bfb4b58ad3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetStdHandle
InterlockedIncrement
InterlockedDecrement
GetStartupInfoA
GetStartupInfoW
GetModuleHandleA
QueryPerformanceCounter
GetModuleHandleW
VirtualAlloc
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA

ole32

OleUninitialize
OleInitialize

oleaut32

OleCreatePropertyFrame

shell32

SHFileOperationW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 221KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d765e215784fcf7bc99510bfb4b58ad3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

shell32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 221KB - Virtual size: 246KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 221KB - Virtual size: 246KB

.rsrc
Size: 10KB - Virtual size: 9KB