Static task: static1
Behavioral task: behavioral1
Sample: 5e2097f084ff1e9e385a6766437dc7e5_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5e2097f084ff1e9e385a6766437dc7e5_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5e2097f084ff1e9e385a6766437dc7e5_JaffaCakes118
Size: 580KB
MD5: 5e2097f084ff1e9e385a6766437dc7e5
SHA1: 673958d8af21f8079243c08a45c3b2cf6b818d1f
SHA256: 73f454176593a3919fc5bd27cc8a59e91a1278c89b6b2216c64b13a3d089791c
SHA512: cc6b5b975e3f0c00cd945c8d3eaa2c9bc7e2f285c096b8d3d27d490475ec38efa728660712a99fd52b4ec714c7088a6c12976a6f5a40f0e9cabe2b895f0a7a70
SSDEEP: 12288:mxL0mXPaaofatS7dF4IHZwLMXzAnmV46hwqQiTqXzpuLyle9jA:IL0mXPaao0+dF4IH5XzOmNLfqXze9U
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5e2097f084ff1e9e385a6766437dc7e5_JaffaCakes118
Files
5e2097f084ff1e9e385a6766437dc7e5_JaffaCakes118.exe windows:4 windows x86 arch:x86
bb9dd4589c04ad9677d5f1f4bd84d691
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
wsprintfW
SetWindowsHookW
GetGuiResources
CopyAcceleratorTableW
GetCursorPos
DdeImpersonateClient
OpenWindowStationA
GetMenuDefaultItem
SetDeskWallpaper
DefFrameProcA
ScrollWindow
GetMenuItemID
UnregisterDeviceNotification
RegisterClassA
MessageBoxExW
RegisterClassExA
GetClassWord
SendNotifyMessageW
SystemParametersInfoW
comctl32
InitCommonControlsEx
wininet
InternetCrackUrlW
SetUrlCacheConfigInfoW
HttpEndRequestA
kernel32
GetCurrentProcess
OpenMutexA
UnhandledExceptionFilter
GetLocaleInfoA
HeapCreate
LoadLibraryA
GetTickCount
VirtualAlloc
GetConsoleCP
GetLocaleInfoW
HeapReAlloc
QueryPerformanceCounter
IsDebuggerPresent
FlushFileBuffers
InterlockedExchange
TlsFree
VirtualQuery
GetFileType
SetLastError
GetTimeFormatA
GetStringTypeA
GetVersionExA
GetUserDefaultLCID
GetCPInfo
GetModuleHandleA
GetACP
GetLastError
WideCharToMultiByte
TlsAlloc
CreateFileA
Sleep
SetUnhandledExceptionFilter
RtlUnwind
DeleteCriticalSection
GetStdHandle
SetFilePointer
HeapSize
GetDateFormatA
EnterCriticalSection
GetStringTypeW
TlsGetValue
FreeEnvironmentStringsA
VirtualFree
LCMapStringA
InterlockedIncrement
GetCurrentThread
InterlockedDecrement
MultiByteToWideChar
GetFileAttributesExA
EnumSystemLocalesA
ReadFile
WriteFile
SetHandleCount
SetConsoleCtrlHandler
GetModuleFileNameA
CompareStringA
IsValidLocale
GetEnvironmentStrings
CloseHandle
HeapDestroy
GetOEMCP
SetStdHandle
LeaveCriticalSection
GetConsoleMode
HeapFree
HeapAlloc
FreeLibrary
GetCommandLineA
FreeEnvironmentStringsW
WriteConsoleW
WriteConsoleA
GetTimeZoneInformation
GetCurrentThreadId
GetProcessHeap
LCMapStringW
GetCurrentProcessId
IsValidCodePage
GetSystemTimeAsFileTime
CompareStringW
GetStartupInfoA
ExitProcess
GetConsoleOutputCP
TlsSetValue
GetProcAddress
InitializeCriticalSection
TerminateProcess
SetEnvironmentVariableA
GetEnvironmentStringsW
CreateMutexA
shell32
SHLoadInProc
Sections
.text Size: 242KB - Virtual size: 241KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 319KB - Virtual size: 318KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ