5ded18001ec5d6a2dd98ac928d3f02e7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ded18001ec5d6a2dd98ac928d3f02e7_JaffaCakes118
Size

583KB
MD5

5ded18001ec5d6a2dd98ac928d3f02e7
SHA1

2316a52775280144bb9c807d77c64b88325fc0e5
SHA256

d3e1ee12b2cec68ca0e3990e5737c70c9d79b8eb0ee37873f5fd964699d3fe9d
SHA512

7166d90b071a2ed121d416557da1714ea233ebd46d71140465eeca0581e665c73aade6285fce836c9117f039011e6e0022830de32fd01a5416c389fca999bd00
SSDEEP

12288:vze7SkCCjLv8pXwISQQYrLIlGvoMcGqODoTfVD60QqnNc:bmCsLvx9YrLtQMeTvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ded18001ec5d6a2dd98ac928d3f02e7_JaffaCakes118

Files

5ded18001ec5d6a2dd98ac928d3f02e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f5dc1defae3f4199e631b92fe9a13e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontsA
LineTo
CreatePolygonRgn
UnrealizeObject
GetBoundsRect
PtVisible
RemoveFontResourceA
GetCharWidthW
GetDIBits
SetDeviceGammaRamp
StartDocA
FrameRgn
GetPixel
GetWinMetaFileBits
ColorMatchToTarget

comctl32

InitCommonControlsEx

wininet

GopherFindFirstFileW
InternetCheckConnectionW

kernel32

GetCurrentProcess
InterlockedExchange
ConnectNamedPipe
GetFileType
SetUnhandledExceptionFilter
InitializeCriticalSection
SetEnvironmentVariableA
DeleteCriticalSection
GlobalDeleteAtom
LCMapStringW
GetModuleFileNameA
OutputDebugStringA
LCMapStringA
InterlockedIncrement
GetVolumeInformationW
GetEnvironmentStringsW
GetUserDefaultLCID
ReadFile
CreateSemaphoreA
VirtualProtectEx
WideCharToMultiByte
IsDebuggerPresent
GetCurrentProcessId
QueryPerformanceCounter
SetConsoleCtrlHandler
CompareStringA
CreateFileA
VirtualProtect
LeaveCriticalSection
GetDateFormatA
GetLocaleInfoW
OutputDebugStringW
GetTimeFormatA
InterlockedExchangeAdd
IsValidCodePage
CreateMailslotW
GetProcAddress
GetStdHandle
GetStartupInfoW
ExitProcess
GetStringTypeA
CreateNamedPipeA
SetStdHandle
LoadLibraryA
TlsFree
EnterCriticalSection
CloseHandle
DebugBreak
FreeEnvironmentStringsA
GetStringTypeW
GetLocaleInfoA
GetCurrentThread
GetACP
SetLastError
WriteFile
GetCommandLineA
WriteConsoleA
GetLastError
GetSystemTimeAsFileTime
HeapDestroy
GetPrivateProfileIntW
GetProcessHeap
TlsSetValue
lstrlenA
HeapReAlloc
IsValidLocale
GetVersionExA
GetStartupInfoA
GetOEMCP
GetEnvironmentStrings
WriteProfileStringW
GetPrivateProfileSectionNamesA
HeapCreate
GetDiskFreeSpaceW
GetCompressedFileSizeW
GetConsoleCP
ReadConsoleOutputCharacterW
IsBadReadPtr
GetCPInfo
TlsAlloc
CreateMutexA
LoadLibraryExA
GetVersionExW
VirtualQuery
GetCurrentThreadId
SetFilePointer
GetConsoleMode
SetHandleCount
FreeEnvironmentStringsW
GetConsoleOutputCP
MultiByteToWideChar
FlushFileBuffers
VirtualAlloc
OpenMutexA
GetModuleHandleA
GetStringTypeExW
GetTickCount
HeapAlloc
LoadLibraryW
CompareStringW
InterlockedDecrement
FreeLibrary
TlsGetValue
GetModuleFileNameW
HeapFree
SetThreadLocale
RaiseException
UnhandledExceptionFilter
RtlUnwind
HeapValidate
TerminateProcess
VirtualFree
GetTimeZoneInformation
EnumSystemLocalesA
WriteConsoleW

user32

CharNextA
SetCaretPos
GetNextDlgGroupItem
PeekMessageA
GetDlgCtrlID
DrawIcon
VkKeyScanA
DlgDirSelectExA
RegisterClassA
UnloadKeyboardLayout
ReuseDDElParam
CreateDesktopA
RegisterClassExA
SetMenu
DdeImpersonateClient
LoadIconA
BroadcastSystemMessageW

advapi32

RegLoadKeyA
RegCreateKeyExW
CryptReleaseContext
RegEnumValueA
CreateServiceA
CryptAcquireContextA
CryptGenKey
CryptGetKeyParam
CryptEnumProvidersW
LookupPrivilegeDisplayNameW
LookupAccountNameA
CryptEnumProviderTypesW
GetUserNameA
RegSaveKeyA
RegSetValueExW
RegDeleteKeyW
RegQueryValueA
RegRestoreKeyA
RegDeleteValueW
LogonUserW
RegCloseKey
RegNotifyChangeKeyValue
RegEnumValueW
RegCreateKeyW
RegFlushKey

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f5dc1defae3f4199e631b92fe9a13e3

Headers

File Characteristics

Imports

gdi32

comctl32

wininet

kernel32

user32

advapi32

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 47KB - Virtual size: 73KB

.data Size: 211KB - Virtual size: 211KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 47KB - Virtual size: 73KB

.data
Size: 211KB - Virtual size: 211KB

.rsrc
Size: 11KB - Virtual size: 11KB