5dbfef51201b419834daaf3055b30b88_JaffaCakes118

General

Target

5dbfef51201b419834daaf3055b30b88_JaffaCakes118
Size

409KB
MD5

5dbfef51201b419834daaf3055b30b88
SHA1

72f08ff9095baacee23492f49e232a52622dae0a
SHA256

fb5466f30f0617d9f392b70a432758eb6ba1177c49b1d8a3deb80ded88d93da3
SHA512

a0def0772e0fa15b32a1dade05bd2a8f09d05bfb673ced2e59aecc1ea485f35bcdde17055a0d265dfb8d1e9082945672152e3f872d7eac890908a8d3f61a47a5
SSDEEP

6144:gUfn1sV/GEdr7PAEnz+SC2jQ3RRXIGLoKekBhCfxAdic5:JGF9nz+N2e3XVlIfKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dbfef51201b419834daaf3055b30b88_JaffaCakes118

Files

5dbfef51201b419834daaf3055b30b88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55055ec390bbe46ccd35a52137088f38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
TlsFree
TlsSetValue
GetFileType
GetProcAddress
UnhandledExceptionFilter
HeapReAlloc
VirtualProtect
GetLastError
IsValidLocale
GetCurrentProcessId
HeapAlloc
GetCommandLineA
GetTimeZoneInformation
LCMapStringA
GetModuleHandleA
VirtualFree
GetShortPathNameA
EnumSystemLocalesA
InterlockedExchange
HeapCreate
SetHandleCount
GetLocaleInfoW
SetEnvironmentVariableA
WideCharToMultiByte
GetCPInfo
IsBadWritePtr
FreeEnvironmentStringsW
GetCalendarInfoW
ExitProcess
GetTickCount
FreeEnvironmentStringsA
SetLastError
HeapFree
GetStringTypeA
GetModuleFileNameA
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
GetStdHandle
VirtualAlloc
CompareStringW
GetLocaleInfoA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetStringTypeW
GetUserDefaultLCID
HeapSize
IsValidCodePage
EnterCriticalSection
TlsGetValue
GetOEMCP
GetSystemTimeAsFileTime
GetSystemInfo
GetEnvironmentStrings
CompareStringA
GetTimeFormatA
GetVersionExA
GetDateFormatA
DeleteCriticalSection
WriteFile
MultiByteToWideChar
GetCurrentThread
HeapDestroy
GetStartupInfoA
GetACP
TlsAlloc
GetEnvironmentStringsW
InitializeCriticalSection

gdi32

GetCharABCWidthsFloatW
Arc
GetTextExtentPoint32W
PlayEnhMetaFileRecord
GetClipRgn
GdiGetBatchLimit
OffsetViewportOrgEx
GetSystemPaletteUse
GetColorAdjustment
SetArcDirection
GetGlyphOutlineW
TextOutA
Polyline
SetFontEnumeration
EnumObjects
ExtSelectClipRgn
GetWorldTransform
GetLogColorSpaceW
PtVisible
GetWinMetaFileBits
RemoveFontResourceA
GetCurrentObject
GetBrushOrgEx
UpdateICMRegKeyA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55055ec390bbe46ccd35a52137088f38

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 277KB - Virtual size: 288KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 277KB - Virtual size: 288KB

.rsrc
Size: 5KB - Virtual size: 5KB