5ac4149a1f715aa41cc4eb45c2ac1613_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ac4149a1f715aa41cc4eb45c2ac1613_JaffaCakes118
Size

42KB
MD5

5ac4149a1f715aa41cc4eb45c2ac1613
SHA1

9598303405e64334152751aeb3173cc3687a5645
SHA256

e4dfadc0f356b602c0d940c87f7b2eea5906ea8079142f0a17a16940745a320c
SHA512

efb65a08c1dd15d20bc4673b084739998d358ae2e3019ee3448dbca6fc66767b279471a841af3ad3c192fa25941012c3359fd1ac5abed90567d40812c03156c3
SSDEEP

768:zsxeQYnRAcPPCSBfmAEL11DCoL6LwYR7gptQMHRzEHeojNrPV:Yx+RAf8uAS11DChLd2tQ8RzE+ojN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ac4149a1f715aa41cc4eb45c2ac1613_JaffaCakes118

Files

5ac4149a1f715aa41cc4eb45c2ac1613_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6f86e0c8313f451db5bf7cf03ec1c85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
VirtualProtect
OpenWaitableTimerA
OpenProcess
CancelWaitableTimer
CreateConsoleScreenBuffer
GlobalMemoryStatus
CreateHardLinkW
ReadConsoleOutputCharacterW
WaitNamedPipeW
FindAtomW
WritePrivateProfileStructA
ProcessIdToSessionId
WriteFile
FindNextVolumeMountPointW
GetConsoleCursorMode
GetLastError
GetVolumeNameForVolumeMountPointW
GetTempPathW
_llseek
CreateDirectoryA
FormatMessageW
GetDefaultCommConfigW
GetTimeFormatW
TransactNamedPipe
NlsGetCacheUpdateCount
MoveFileW
SetConsoleWindowInfo
GetModuleHandleW
GlobalAddAtomW
GetProfileSectionA
lstrcmpW
MoveFileExA
VerLanguageNameW
WritePrivateProfileStructW
Heap32First
BuildCommDCBA
HeapValidate
NlsConvertIntegerToString
GetSystemTimeAsFileTime

user32

SetCursor
GetDlgItemInt
DrawStateA
DdeGetLastError
GetDC
GetCursorInfo
EnumDisplayDevicesW
SetWindowRgn
ClientThreadSetup
GetMenuStringW
GetParent
GetSysColor
SetMenuItemBitmaps
GetIconInfo
DefDlgProcA
SetDlgItemInt
DrawTextW
ImpersonateDdeClientWindow
ChildWindowFromPoint
GetUpdateRgn
CopyAcceleratorTableW

gdi32

GetWindowExtEx
CLIPOBJ_bEnum
PolyPatBlt
GetKerningPairsW
InvertRgn
GetFontLanguageInfo
GdiInitSpool
CreateICW
CreatePalette
GetGlyphOutlineA
GetTextMetricsA
GdiEntry5
GdiCreateLocalMetaFilePict
GdiEndPageEMF
GetAspectRatioFilterEx
CreateDIBPatternBrush
GdiEntry8
PATHOBJ_vEnumStart
EudcLoadLinkW
CreateFontIndirectExW
OffsetClipRgn
GetBrushOrgEx
StartFormPage
Pie
GdiAddGlsRecord

comdlg32

dwLBSubclass
PrintDlgA
ChooseColorA
FindTextW
CommDlgExtendedError
Ssync_ANSI_UNICODE_Struct_For_WOW
GetOpenFileNameW
PageSetupDlgA

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d6f86e0c8313f451db5bf7cf03ec1c85

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB