5e016fef53603902827164a56ecd9940_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e016fef53603902827164a56ecd9940_JaffaCakes118
Size

413KB
MD5

5e016fef53603902827164a56ecd9940
SHA1

53434d431a2142a2d7bc7ec3658f7f14ebd027f4
SHA256

566ed8fe0e189dfed57c6cac03465179d666deee7da8af3b0a513b881ef39f2c
SHA512

6d6367605449e38200eda9d3d112fd63019414bef5e7ddf9c7072909604fd5c897d5cf83a47ab62f5c0ce09e696e7575389c226450583898fc5342cc5b28840e
SSDEEP

12288:LFn2B/0va0rL0koTegO2dhd75BWyahnd+55:xQ0vaOoTIEhv9E4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e016fef53603902827164a56ecd9940_JaffaCakes118

Files

5e016fef53603902827164a56ecd9940_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0372e22921019c8b78b2985e183ce3ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
OpenWaitableTimerW
GetVersionExA
GetStringTypeW
RtlUnwind
GetEnvironmentStringsW
TlsAlloc
GetCurrentProcess
GetCommandLineA
VirtualAlloc
HeapSize
GetTimeZoneInformation
HeapReAlloc
FreeEnvironmentStringsA
LocalFree
EnumSystemLocalesA
FillConsoleOutputAttribute
HeapDestroy
GetModuleFileNameA
GetVersion
GetEnvironmentStrings
ExitProcess
CompareStringW
GetDateFormatA
GetLocaleInfoA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetCommandLineW
GetLogicalDrives
GetStartupInfoA
QueryPerformanceCounter
TlsFree
LCMapStringA
LockFileEx
IsValidLocale
SetHandleCount
EnumResourceLanguagesA
HeapAlloc
GetACP
HeapFree
SetLocaleInfoW
WriteFile
GetCurrentProcessId
WideCharToMultiByte
GetFileType
GetCurrentThread
MultiByteToWideChar
GetModuleFileNameW
GetTempFileNameA
DeleteCriticalSection
GetLastError
GetProcessHeap
UnhandledExceptionFilter
LCMapStringW
AddAtomA
EnumCalendarInfoExW
VirtualProtect
VirtualFree
TlsSetValue
LeaveCriticalSection
EnumDateFormatsA
IsValidCodePage
GetTimeFormatA
IsBadWritePtr
GetOEMCP
GetLocaleInfoW
GetProcAddress
EnterCriticalSection
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetUserDefaultLCID
InterlockedExchange
GetStartupInfoW
TlsGetValue
GetCPInfo
VirtualQuery
SetLastError
SetEnvironmentVariableA
GetStringTypeA
HeapCreate
GetCurrentThreadId
GetStdHandle
GetNumberFormatA
TerminateProcess
CompareStringA
GetSystemInfo
TerminateThread
GetModuleHandleA
InitializeCriticalSection

gdi32

SetEnhMetaFileBits
GetMetaFileA
ExtTextOutW
AbortDoc
GetPolyFillMode
GetGlyphOutline
GetBrushOrgEx
GetKerningPairsW
PlgBlt
SetWorldTransform
CreateDiscardableBitmap
GdiSetBatchLimit
SetWinMetaFileBits
BeginPath
PtVisible
EnumMetaFile
PlayEnhMetaFile
WidenPath
StartDocW
GetDeviceCaps

user32

GetCursorPos
DialogBoxIndirectParamA
CreateMDIWindowA
DdeCreateStringHandleW
BroadcastSystemMessageW
InvalidateRect
EndDialog
SetUserObjectInformationA

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0372e22921019c8b78b2985e183ce3ec

Headers

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: 128KB - Virtual size: 127KB

.data Size: 277KB - Virtual size: 305KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 128KB - Virtual size: 127KB

.data
Size: 277KB - Virtual size: 305KB

.rsrc
Size: 7KB - Virtual size: 7KB