5df28811debfa0dcb18b57e87338e499_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5df28811debfa0dcb18b57e87338e499_JaffaCakes118
Size

364KB
MD5

5df28811debfa0dcb18b57e87338e499
SHA1

9f7a7f21be34e4e18f7e68f43d91ac47af4e99bc
SHA256

2b831e9edc6a918fc30bb7b2551d0d9c9661867f7584f28ab73948cdc5f2877d
SHA512

2c158e600b33e8437b1404a4f3cba16f40c78048e5ce97a8b672ed6bcbdb43bf17e5e596957adccf9804c5e9e280f7233d784afbb04a0ca6486f5fd1ee62b10d
SSDEEP

6144:CQuJjxJHyIJ2Qzpdt1ztxiWEcnfWJFOqYW/JlnMpNyxodfAlg9aUp:CQatjt1JxiMneJFOqV/3Yyxoz9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5df28811debfa0dcb18b57e87338e499_JaffaCakes118

Files

5df28811debfa0dcb18b57e87338e499_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e9053c43db5b6e85ab76cf5b4941f1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
SetEndOfFile
GetDevicePowerState
GetVolumePathNameA
GetFileAttributesExA
EnumTimeFormatsA
UnlockFileEx
ResetEvent
GlobalReAlloc
GetDllDirectoryA
LZInit
SetTimeZoneInformation
GetShortPathNameA
lstrcpyA
WriteConsoleInputA
HeapSize
GetUserGeoID
GetTempPathA
SetCommConfig
TermsrvAppInstallMode
GetModuleFileNameA
GetPriorityClass
GlobalSize
GetProcessVersion
OpenFileMappingA
VirtualAllocEx
lstrcpyA
GlobalAlloc
FindFirstVolumeMountPointA
GetLocaleInfoA
EnumSystemCodePagesA
SetFilePointerEx
GetCommTimeouts
GetFileSize
GetCurrentThread
FindFirstFileExW
GetFileTime
FlushConsoleInputBuffer
WriteConsoleA
RemoveDirectoryA
ExitThread
LoadLibraryExA
GetConsoleAliasExesA
GlobalFindAtomA
GetProcessHeaps
Heap32ListNext
FlushFileBuffers
PrepareTape
SetDllDirectoryA
GetConsoleAliasExesLengthA
IsBadWritePtr
ReleaseMutex
GetUserDefaultLCID
FileTimeToSystemTime
LocalReAlloc
ClearCommBreak
GetPrivateProfileIntA
ReadFileEx
IsBadCodePtr
LoadLibraryA
GetLogicalDrives
GlobalUnlock
ReadConsoleInputA
WaitForDebugEvent
GetFileInformationByHandle
CreateTimerQueueTimer
GetStdHandle
EnumSystemLocalesA
OpenSemaphoreA
lstrcpyW
FindResourceExA
GetWindowsDirectoryA
CancelTimerQueueTimer
PulseEvent
GetThreadContext
Heap32First
GetConsoleTitleA
LocalHandle
OpenWaitableTimerA
CreateTimerQueue
OpenJobObjectA
GetCurrentThreadId
CreateDirectoryExA
GetFileAttributesA
GetSystemWindowsDirectoryA

user32

AllowForegroundActivation
CheckRadioButton
MapVirtualKeyExW
CreateWindowStationA
TranslateMessage
EnumPropsExA
OpenDesktopA
CreateIconFromResourceEx
CreateWindowExA
GetClassNameA
RemovePropA
ActivateKeyboardLayout
TrackPopupMenuEx
GetMenu
GetWindowInfo
ClientToScreen
AlignRects
OemKeyScan
AppendMenuA
GetTabbedTextExtentA
BringWindowToTop
CheckDlgButton
DlgDirSelectComboBoxExA
RemovePropA
SwitchToThisWindow
UnionRect
RealChildWindowFromPoint
SendIMEMessageExA
GetClassNameA
GetKeyboardState
CharUpperBuffW
FindWindowExA
GetCursorPos
SetParent
SetPropA
EnumDisplaySettingsExA
SetWindowsHookA
IsServerSideWindow
GetMenuItemCount
GetLayeredWindowAttributes
GetClassInfoExA
LoadMenuA
EndMenu
OemToCharBuffA
SystemParametersInfoA
SetDlgItemTextA
GetWindowRgnBox
LockWindowStation
DefMDIChildProcA
GetDlgItemInt
ShowOwnedPopups
IsDialogMessageA
OpenClipboard
FindWindowExA
GetRawInputDeviceList
LockSetForegroundWindow
GetRawInputDeviceInfoA
ShowCaret
GetProgmanWindow
GetInternalWindowPos
GetAltTabInfoA
FindWindowA
SetRect
IsDialogMessage
ShowScrollBar
GetRawInputDeviceInfoA
DlgDirListComboBoxA
GetWindowTextA
LoadAcceleratorsA
SetSysColors
GetMessageA
EndPaint
QuerySendMessage
InsertMenuA
GetMenu
DestroyIcon
RegisterRawInputDevices
GetClassInfoExW
GetCaretPos
ArrangeIconicWindows
GetInputDesktop
UpdatePerUserSystemParameters
PrivateExtractIconsA
IsCharLowerA

advapi32

RegCloseKey
DuplicateToken

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 276KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e9053c43db5b6e85ab76cf5b4941f1c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: - Virtual size: 2KB

.itext Size: 276KB - Virtual size: 543KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: - Virtual size: 2KB

.itext
Size: 276KB - Virtual size: 543KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 76KB - Virtual size: 74KB