Static task: static1
Behavioral task: behavioral1
Sample: 5a99221dd6b67194cf0aa1c7db2e5c85_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5a99221dd6b67194cf0aa1c7db2e5c85_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5a99221dd6b67194cf0aa1c7db2e5c85_JaffaCakes118
Size: 213KB
MD5: 5a99221dd6b67194cf0aa1c7db2e5c85
SHA1: 06ee4ef909b63ed2da31cdea518b8a014542cf02
SHA256: 8f49d3bb0b13ab56ac8a073f0ffda3f839691af777e47697e3a13eb6b0730bc6
SHA512: abf8d52cb0845ec275cbd99babcd87f82ece7b253745d03c786f869bcf71e145843b5a9b38b2fb36d4772ffda6bc82f4f5617df69c3658e81d05f6bfb2ea2b83
SSDEEP: 6144:vMYwQixWHh0J1M6MKvHB0FX7sdv+bs9UEB/zK9bzsNOVc517EN/AVPRPn+s6Vxuh:UYIWHh0J1M6MKvHB0FX7sdv+bNEB/zKC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a99221dd6b67194cf0aa1c7db2e5c85_JaffaCakes118
Files
5a99221dd6b67194cf0aa1c7db2e5c85_JaffaCakes118.exe windows:4 windows x86 arch:x86
617c89cd6b32094f43b7feaaa1495a7c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalFree
LocalUnlock
lstrcpynA
WinExec
SetCurrentDirectoryA
WritePrivateProfileStringA
GetCurrentDirectoryA
GlobalAddAtomA
GlobalFindAtomA
LocalHandle
CloseHandle
FlushFileBuffers
WriteFile
GetLastError
CreateFileA
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
TerminateProcess
lstrlenA
GlobalAlloc
GetWindowsDirectoryA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
GlobalFree
GetVersionExA
GetPrivateProfileIntA
LocalAlloc
LocalLock
lstrcpyA
GetPrivateProfileStringA
GetModuleFileNameA
GlobalLock
FreeEnvironmentStringsA
GetCurrentProcess
UnhandledExceptionFilter
GlobalUnlock
lstrcmpiA
advapi32
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
user32
ShowWindow
PostMessageA
GetWindowRect
GetDesktopWindow
RegisterClassA
RegisterClassExA
UpdateWindow
LoadImageA
LoadCursorA
LoadIconA
LoadStringA
SetWindowPos
ReleaseDC
GetDC
DialogBoxParamA
WinHelpA
wsprintfA
SetDlgItemTextA
GetDlgItemTextA
GetWindow
EndDialog
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
DefWindowProcA
KillTimer
ReleaseCapture
SetCursor
SetCapture
GetCapture
SetFocus
SendMessageA
LoadAcceleratorsA
InsertMenuA
ModifyMenuA
DeleteMenu
GetSubMenu
LoadMenuA
CallNextHookEx
SetWindowsHookExA
GetWindowThreadProcessId
AppendMenuA
EnableMenuItem
GetSystemMenu
PostQuitMessage
IsIconic
SetWindowTextA
ScreenToClient
SetTimer
MessageBeep
DestroyWindow
SetWindowLongA
GetWindowLongA
SetCursorPos
GetCursorPos
SetForegroundWindow
CheckMenuItem
InsertMenuItemA
CreatePopupMenu
GetClientRect
DestroyIcon
FindWindowExA
TranslateAcceleratorA
TranslateMessage
DestroyMenu
TrackPopupMenuEx
DispatchMessageA
FindWindowA
GetMessageA
CreateWindowExA
gdi32
GetDeviceCaps
winspool.drv
ScheduleJob
AddJobA
OpenPrinterA
GetPrinterA
DocumentPropertiesA
SetPrinterA
ClosePrinter
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
comctl32
ord17
ord6
CreateToolbarEx
shell32
Shell_NotifyIconA
Sections
.text Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 114KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE