5a455a3a8d6785cbf4c865d9bfdd6b6b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5a455a3a8d6785cbf4c865d9bfdd6b6b_JaffaCakes118
Size

3.7MB
MD5

5a455a3a8d6785cbf4c865d9bfdd6b6b
SHA1

a9efa916c3b07d50510320dfa5ffa5c8f1b9edab
SHA256

43e6f3c1f34ea146be0212640923382390c93bb09b0ff4fae0191f6087759780
SHA512

06d5c4f513a260448a3604e7d7ea7334bb8651492ed9e0d051865d6e9f588a3270b30c56ae94dfec504fc73e7562706abb407a38a632666153aadced2b8ca6f2
SSDEEP

98304:e+O0nXuFUrJ8xzNJs22T2rTBJ4sfluujzgRLnP+hjoQZWmA4EHU:e2XhmxzNWStJ4sfAAQnP+BKicU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a455a3a8d6785cbf4c865d9bfdd6b6b_JaffaCakes118

Files

5a455a3a8d6785cbf4c865d9bfdd6b6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d33719c6857789d04a33714bae8c5a8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSetHashParam
StartServiceCtrlDispatcherA
SetKernelObjectSecurity
CryptSetProvParam
GetTokenInformation
EnumDependentServicesA
AccessCheckAndAuditAlarmW
SetTokenInformation
CryptGetKeyParam
GetNamedSecurityInfoW
SetEntriesInAclW
RegCloseKey
LogonUserW
RegReplaceKeyW
CreateProcessAsUserW
GetNamedSecurityInfoA
GetServiceDisplayNameW
RegisterEventSourceW

kernel32

ExitProcess
TlsGetValue
GetDriveTypeA
FormatMessageA
SearchPathW
WritePrivateProfileSectionA
SetEvent
TryEnterCriticalSection
OpenMutexA
GetCPInfo
WritePrivateProfileStringW
RemoveDirectoryW
DosDateTimeToFileTime
lstrcmpA
EndUpdateResourceA
GetLargestConsoleWindowSize
DeleteCriticalSection
GetFileAttributesExA
GlobalReAlloc
SetEndOfFile
SetConsoleMode
EnumSystemCodePagesA
GetFileAttributesA
FlushConsoleInputBuffer
OpenFile
GlobalDeleteAtom
CreateFileW
WriteConsoleOutputW
FindResourceExW
ExpandEnvironmentStringsW
QueryDosDeviceA
GlobalFree
GlobalAddAtomA
DeleteFiber
SetProcessShutdownParameters

comdlg32

PrintDlgA
ChooseColorW

user32

GetMenuState
IsCharAlphaNumericW
SetMenuItemInfoA
AttachThreadInput
IsChild
GetMessagePos
InsertMenuItemA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shell32

ShellExecuteA
SHFileOperationA

Sections

.text
Size: 30KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d33719c6857789d04a33714bae8c5a8c

Headers

File Characteristics

Imports

advapi32

kernel32

comdlg32

user32

version

shell32

Sections

.text Size: 30KB - Virtual size: 248KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 30KB - Virtual size: 248KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 19KB - Virtual size: 18KB