5a70805cb30acb6d56d797afc59db6f8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a70805cb30acb6d56d797afc59db6f8_JaffaCakes118
Size

146KB
MD5

5a70805cb30acb6d56d797afc59db6f8
SHA1

fe7b7d935167f5ab3a0295a172fb72f4e0ae7c72
SHA256

a9f5f32b647602e625fe6b0ec2113b7da68f79ed304c80509843469e297c5388
SHA512

61e7fa6b63f5c012becd35317ad4907cda1ac505641f774b545b83994c2ba3444902b9997cfb66091c3f7f8bf72d94cd8e8b34c6c3e6fed39df8fe00c91429c8
SSDEEP

3072:9q+zut8Eq7ZZ8bt5pqd+nSryueSuWiZQlROOfeEEL2MMFWOJRfPWX:9q+66Emsg43ueSEQfr8/MUOzf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a70805cb30acb6d56d797afc59db6f8_JaffaCakes118

Files

5a70805cb30acb6d56d797afc59db6f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f1e51051c36adb6444230f5bbacb94f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
VirtualProtect
SetConsoleIcon
EnumLanguageGroupLocalesW
GetConsoleKeyboardLayoutNameW
GetStringTypeExW
GetLastError
GetStringTypeW
CreateTimerQueueTimer
Process32FirstW
RegisterWaitForSingleObjectEx
GetPrivateProfileIntW
EndUpdateResourceW
VerifyVersionInfoA
SetThreadExecutionState
GetVolumePathNameA
ChangeTimerQueueTimer
RegisterWaitForInputIdle
DeleteVolumeMountPointA
UnlockFile
GetTapeParameters
DeleteFileW
BeginUpdateResourceA
ConsoleMenuControl
AddAtomW
GetUserDefaultLangID
Process32First
GetSystemPowerStatus
GetPrivateProfileSectionW
EnterCriticalSection

user32

DialogBoxParamA
CliImmSetHotKey
RegisterSystemThread
GetWindowThreadProcessId
InternalGetWindowText
GetClassInfoW
SetDlgItemTextA
CharUpperW
LoadCursorFromFileW
GetTabbedTextExtentA
SetParent
InsertMenuItemA
GetWindowModuleFileNameA
EndDialog
IsDialogMessage
OemToCharBuffW
TranslateAcceleratorA
SetRect
GetDlgCtrlID
TabbedTextOutA
DlgDirSelectExW
DefMDIChildProcA
GetMenuStringA
GetUserObjectInformationA
GetMenuDefaultItem
SetScrollRange
SetShellWindowEx
GetMenuInfo
LoadCursorA
GetSysColor
GetDlgItemTextA
SetClassLongA
SetCursor
MessageBoxIndirectA

gdi32

SetWindowOrgEx
XLATEOBJ_iXlate
ChoosePixelFormat
EnumEnhMetaFile
GdiConvertEnhMetaFile
GdiSetServerAttr
SetArcDirection
SetPixel
PlayEnhMetaFileRecord
EnumFontsW
GetFontData
EngAlphaBlend
CreateRoundRectRgn
SetTextAlign
EngCreateBitmap
SelectClipPath
GetTextExtentPointW
CreateMetaFileW
GetArcDirection
GetBoundsRect
CreateDIBSection
StartDocW
EngLockSurface
EngUnicodeToMultiByteN
ArcTo
ExtEscape

comdlg32

Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseFontA
PageSetupDlgA
dwLBSubclass
GetSaveFileNameW
ReplaceTextA
ChooseColorA
PrintDlgA
PrintDlgExW
GetOpenFileNameW

Sections

.text
Size: 4KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f1e51051c36adb6444230f5bbacb94f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 164KB

.data Size: 138KB - Virtual size: 140KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 164KB

.data
Size: 138KB - Virtual size: 140KB

.idata
Size: 3KB - Virtual size: 4KB