5dc123b25b72b177274ace32319badf4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5dc123b25b72b177274ace32319badf4_JaffaCakes118
Size

537KB
MD5

5dc123b25b72b177274ace32319badf4
SHA1

5f97fd299ca503e0638ff0d11cab3f338563fd47
SHA256

388890f87c4a739582ea65d602fc8ba42a7df5726cc79665a45765e2c972eb96
SHA512

2db455089d5bff12a63c066e360088b38a36b0e61543149f60929d39acbac40d474f291105c38a35ef3faa538de16e4c42cc66158e8af6e331d2f2b4b38cd281
SSDEEP

12288:6XYtWb8Rdk4J94NtdiF4iPxpEvzdEeNNd9yMX3k:6XY6n4sNziF4vJNb9yMXU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dc123b25b72b177274ace32319badf4_JaffaCakes118

Files

5dc123b25b72b177274ace32319badf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73bdb278abd4227c78ead9753c19df9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\sexnliawm\qepnf\xxf\eopjoeff\weoel\nsotykkb.pdb

Imports

comctl32

CreateUpDownControl
ImageList_Duplicate
ImageList_Add
ImageList_DragLeave
ImageList_SetBkColor
ImageList_Merge
ImageList_GetIcon
ImageList_Read
InitCommonControlsEx
CreateStatusWindowW
ImageList_GetFlags

comdlg32

ReplaceTextA
GetSaveFileNameA
PageSetupDlgA

advapi32

CryptExportKey
CryptDuplicateHash
CryptEnumProviderTypesW
RegSaveKeyW
CryptGenKey

wininet

InternetAlgIdToStringW
FtpPutFileA
RunOnceUrlCache
HttpAddRequestHeadersW
LoadUrlCacheContent

user32

SendIMEMessageExA
CallMsgFilter
EnumDesktopsW
EnumWindowStationsW
ChangeDisplaySettingsW
IsWindowEnabled
GetWindowDC
IsIconic
DrawAnimatedRects
UnhookWindowsHookEx
SetWindowContextHelpId
CreateDesktopA
AnyPopup
RegisterClassA
WindowFromDC
CreateIcon
GetKeyboardLayout
GetMenuDefaultItem
DdeSetUserHandle
EnumPropsA
SendNotifyMessageA
GetMenu
VkKeyScanExW
RegisterClassExA

shell32

DoEnvironmentSubstW
FindExecutableW
SHGetPathFromIDListW

kernel32

GetStartupInfoA
WriteFile
HeapDestroy
LeaveCriticalSection
GetTimeFormatA
EnterCriticalSection
ExitProcess
HeapAlloc
InterlockedExchange
GetEnvironmentStrings
SetFilePointer
GetLocaleInfoW
GetOEMCP
GetCurrentProcessId
SetEnvironmentVariableA
TerminateProcess
CompareStringW
GetStdHandle
VirtualFree
TlsAlloc
UnhandledExceptionFilter
QueryPerformanceCounter
GetFileType
HeapFree
GetTimeZoneInformation
GetModuleFileNameA
IsValidCodePage
TlsGetValue
FreeEnvironmentStringsA
GetStringTypeA
HeapCreate
DeleteCriticalSection
GetSystemTimeAsFileTime
VirtualQuery
RtlUnwind
LCMapStringW
EnumSystemLocalesA
SetStdHandle
GetProcAddress
GetModuleHandleA
GetCPInfo
GetEnvironmentStringsW
GetVersionExA
MultiByteToWideChar
IsBadWritePtr
VirtualProtect
CreateMutexA
CloseHandle
HeapReAlloc
TlsSetValue
FreeEnvironmentStringsW
FlushFileBuffers
IsValidLocale
TlsFree
GetLastError
GetCurrentThreadId
OpenMutexA
GetCurrentProcess
ReadFile
SetLastError
InitializeCriticalSection
GetDateFormatA
SetHandleCount
GetCurrentThread
FindFirstFileW
WideCharToMultiByte
GetLocaleInfoA
GetACP
GetUserDefaultLCID
GetCommandLineA
HeapSize
VirtualAlloc
GetStringTypeW
LCMapStringA
GetLongPathNameW
LoadLibraryA
GetSystemInfo
LocalCompact
CompareStringA
GetTickCount

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73bdb278abd4227c78ead9753c19df9b

Headers

File Characteristics

PDB Paths

Imports

comctl32

comdlg32

advapi32

wininet

user32

shell32

kernel32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 208KB - Virtual size: 221KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 50KB - Virtual size: 50KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 208KB - Virtual size: 221KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 50KB - Virtual size: 50KB