5ad5548812f5267ff4f4c3adc62ef52a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ad5548812f5267ff4f4c3adc62ef52a_JaffaCakes118
Size

2.4MB
MD5

5ad5548812f5267ff4f4c3adc62ef52a
SHA1

11c059650fae2a34e39ece2a005fd493f1fce30d
SHA256

9c3491d815652b362cb6691a0d2692dad8cf2e32d4b1d5c28f6faa785f97f5ce
SHA512

308a872b7603fbecc48369e1d82120b6fa2e980621a8bf74a64e7c0f2794fb6d41fd41e712e64f7f3791cd7a4bc026a67b332de2609df30d45e035759e719a18
SSDEEP

49152:3bwJ+IZ86A8JiyOQfJQ9lEc9OFkYoSm0L:rkfAyiyOcJQgc9H8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ad5548812f5267ff4f4c3adc62ef52a_JaffaCakes118

Files

5ad5548812f5267ff4f4c3adc62ef52a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f5435ee178645516e9526a130f9e637

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
ConvertSidToStringSidW
RegQueryValueW
ClearEventLogW

comctl32

DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_Remove
CreatePropertySheetPageW

gdi32

CreateFontIndirectA
GetMiterLimit
CreateRoundRectRgn
StretchDIBits
SetTextAlign
CreateRectRgn
CreateDiscardableBitmap
DeleteMetaFile
ExtCreateRegion
SetDIBitsToDevice
ResizePalette
CreatePen
SetROP2
GetBrushOrgEx
SelectPalette
DeleteObject

imagehlp

ImageDirectoryEntryToData

kernel32

LoadLibraryA
OutputDebugStringA
GetCurrentThreadId
OpenEventW
HeapSize
UnmapViewOfFile
GetTimeFormatA
lstrlenW
GetFileSize
GetConsoleTitleW
MoveFileExA
ContinueDebugEvent
GlobalFree
GetConsoleTitleA
GetCPInfo
CreateProcessW
GetModuleHandleW
GetLongPathNameW
SetHandleInformation
GetStartupInfoW
WriteFile
GetModuleHandleExA
HeapAlloc
IsDBCSLeadByte
WriteProfileSectionA
WaitForSingleObject
SetConsoleActiveScreenBuffer
lstrcpynW
GetFileAttributesExA
GetOEMCP
HeapFree

msvcrt

_vsnprintf
strstr
toupper
wcscspn
putc
remove
iswprint
puts

user32

SetWindowContextHelpId
IsWindowVisible
ReleaseDC
GetSubMenu
CloseWindow
CopyRect
GetMenuItemCount
CopyImage
ChildWindowFromPointEx
TranslateMessage
GetKeyState
CreatePopupMenu
UnregisterDeviceNotification
SetWindowsHookW
SwitchDesktop
BringWindowToTop
TranslateAcceleratorW
PostQuitMessage
GetMessageA
ValidateRect
GetSystemMenu
InsertMenuA
IsWindowEnabled
DrawAnimatedRects
GetFocus
BeginPaint
EndPaint
DispatchMessageA
SetPropW
AppendMenuA
SetSysColors
MoveWindow
PeekMessageA
GetDC
DrawMenuBar
SetActiveWindow
GetWindowContextHelpId

ntdll

strcpy
memset

Exports

Exports

YizCalxdcNnegfyh@4
_Get_Region@8
_Set_Region@12
NkNXQkoyFnwywg@8
JwKHjfxqtgpkl@12

Sections

.code
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f5435ee178645516e9526a130f9e637

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

imagehlp

kernel32

msvcrt

user32

ntdll

Exports

Exports

Sections

.code Size: - Virtual size: 6.5MB

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 1024B - Virtual size: 548B

.code
Size: - Virtual size: 6.5MB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 1024B - Virtual size: 548B