5dc4b42bbdc6761deec7b86e83e2103d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5dc4b42bbdc6761deec7b86e83e2103d_JaffaCakes118
Size

406KB
MD5

5dc4b42bbdc6761deec7b86e83e2103d
SHA1

c3e0008b5e71eb2302f635fc2b8788901b00cd3c
SHA256

85a5f22e560e5d2beaa4483bbc47bcea38708d0585e01447f72c4b867c9471d2
SHA512

66c72b4e1b999af7ca92dc831efcd38b07e1c48380e7d310e634159fb932ae91249ab41b2c591eff56a0f5701c6fce8b0e49c1b2194a99b7c5f0a646300790c2
SSDEEP

12288:XvGs3g8U/0wChGvfMxq7AUvzeB1p2NFdw5bwRIs2:/Gs37U/JC8HMxUopr5URIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dc4b42bbdc6761deec7b86e83e2103d_JaffaCakes118

Files

5dc4b42bbdc6761deec7b86e83e2103d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1ab27a0e165b23626ead250b82df34b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnumResourceNamesW
WriteFileEx
GetDriveTypeA
QueryPerformanceCounter
WritePrivateProfileStringA
HeapAlloc
LoadLibraryA
GetStringTypeExW
ExitProcess
SetThreadAffinityMask
GetStringTypeA
SuspendThread
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
GetDateFormatW
GetModuleHandleA
EnumSystemCodePagesA
GetConsoleTitleA
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
ReadConsoleOutputCharacterA
GetCurrentThreadId
VirtualAlloc
SetEnvironmentVariableA
GetProcAddress
GetWindowsDirectoryW
GetCurrentProcess
HeapFree
GetCompressedFileSizeW
HeapDestroy
RtlMoveMemory
GetCurrentProcessId
VirtualQuery

shell32

ShellAboutW
SHGetMalloc
ShellExecuteExW
SHInvokePrinterCommandA
SHGetNewLinkInfo
SHGetSettings
SHGetPathFromIDList
ExtractIconExA
ShellAboutA
DragQueryFileA
DragAcceptFiles
RealShellExecuteExW
SHGetPathFromIDListA
ExtractAssociatedIconW
SHInvokePrinterCommandW
SHGetFileInfo
SHFormatDrive
SHGetSpecialFolderPathA
SHFileOperation
InternalExtractIconListA
ShellExecuteA
SHFileOperationW
SHGetFileInfoW

comdlg32

PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetOpenFileNameA
ChooseColorW
FindTextA
GetSaveFileNameA
LoadAlterBitmap
ChooseFontA
ChooseFontW
PrintDlgA
FindTextW

user32

RealChildWindowFromPoint
BeginPaint
EnableMenuItem
MessageBoxIndirectA
LoadAcceleratorsW
GetWindowModuleFileNameA
PostThreadMessageA
SetDoubleClickTime
ShowScrollBar
GetKeyboardLayout
EndDeferWindowPos
GetUpdateRect
OemToCharBuffW
HideCaret
SetProcessWindowStation
ShowWindowAsync
CloseWindowStation
AnyPopup
CopyAcceleratorTableW
ChildWindowFromPointEx
ChangeMenuA

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1ab27a0e165b23626ead250b82df34b

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

user32

Sections

.text Size: 139KB - Virtual size: 138KB

.data Size: 264KB - Virtual size: 264KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 139KB - Virtual size: 138KB

.data
Size: 264KB - Virtual size: 264KB

.rsrc
Size: 2KB - Virtual size: 1KB