5ac12c91d8ba40fa0cbae127d746d6a9_JaffaCakes118

General

Target

5ac12c91d8ba40fa0cbae127d746d6a9_JaffaCakes118
Size

264KB
MD5

5ac12c91d8ba40fa0cbae127d746d6a9
SHA1

b2f043ef85f6e6cac1da7a7c021f255ab4fea35b
SHA256

d6b4ed1db53c05af2bfd4f4b7a20ee2f3cf69d415fdde70f6a4f8370f09a6c9a
SHA512

bc9c97317de82621ed7cc7c5d03ff8c5e82bd6efdf9b02b545f548e856ddbc2457f26bb90b970431b51599368bff5397d7901376ca4fa2ddbe9d040720fc2cd9
SSDEEP

6144:FpSf9VjQA7mlfqJ798GSZI7Y24hM4O3j2upzHhgVNO:SVV4+02PTTplgVY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ac12c91d8ba40fa0cbae127d746d6a9_JaffaCakes118

Files

5ac12c91d8ba40fa0cbae127d746d6a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

437afbd88d29d99f4d5b83810742fbd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
SetEvent
TerminateThread
WritePrivateProfileStringW
lstrlenW
GetFileSize
GetFileAttributesExW
WriteFile
ExitProcess
FreeLibrary
GlobalUnlock
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
DeleteFileW
GetCurrentProcessId
WideCharToMultiByte
SetThreadPriority
FileTimeToSystemTime
GetModuleFileNameW
SuspendThread
Sleep
GetVersion
CreateWaitableTimerW
GlobalLock
WaitForSingleObject
SetEndOfFile
FindResourceExW
InterlockedDecrement
SetCurrentDirectoryW
GlobalAddAtomW
SizeofResource
GetProcAddress
GetLastError

user32

MessageBoxW
GetWindowDC
SystemParametersInfoW
GetSystemMetrics
IsWindow
TranslateMessage
DrawTextW
SendMessageW
LoadStringW
TrackPopupMenu
SetLayeredWindowAttributes
wsprintfW
FillRect
SetCursorPos
PostMessageW
GetKeyState
GetCursorPos
EndDialog

gdi32

CreateDCW
BitBlt
DeleteObject
GetClipBox
CreateFontIndirectW
CreateSolidBrush
StretchBlt
SetMapMode
GetObjectW
LineTo
CreateCompatibleDC

advapi32

RegCreateKeyExW
InitializeSecurityDescriptor
LookupPrivilegeValueW
RegDeleteValueW
RegQueryValueExW
StartServiceW
LookupAccountSidW

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

437afbd88d29d99f4d5b83810742fbd5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 17KB