Static task: static1
Behavioral task: behavioral1
Sample: 5adb3a2b4d27952e71547a8805eb6666_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5adb3a2b4d27952e71547a8805eb6666_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 5adb3a2b4d27952e71547a8805eb6666_JaffaCakes118
Size: 140KB
MD5: 5adb3a2b4d27952e71547a8805eb6666
SHA1: 2317e7fc6a1b4342afc269a6d9c8af81721c3abe
SHA256: 4e72fca70786ba6441a637eb4cfaa2471c97c764f52c03f850f3d0a51a623cb5
SHA512: 3210d626a9e85f859ac808200d8946fbfaea40d853b7a414278753e49d6a59c6ff6a66c42cae8cdb08c43d18bc5edbd2c9d556ff4b97fa41c052d1036482e5c3
SSDEEP: 3072:/C1B7shXbjbADC6eCFwZ74YacvW7NF2dC:HbjbADC61FwZ7VYFC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5adb3a2b4d27952e71547a8805eb6666_JaffaCakes118
Files
5adb3a2b4d27952e71547a8805eb6666_JaffaCakes118.exe windows:5 windows x86 arch:x86
5c29675caeb0cbbe738c3d77d7790a1f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SizeofResource
GlobalLock
CreateMutexA
DeleteFileA
MapViewOfFile
ExpandEnvironmentStringsA
ConnectNamedPipe
LocalFileTimeToFileTime
WritePrivateProfileStringA
LocalAlloc
GetPrivateProfileStringA
TerminateThread
lstrcmpA
EnumResourceLanguagesA
FormatMessageA
_llseek
SetFilePointer
_lopen
lstrcpynA
GetVolumeInformationA
LoadLibraryExA
LocalFree
IsDBCSLeadByte
ReadFile
LockResource
GetWindowsDirectoryA
GetExitCodeProcess
GetProcAddress
RemoveDirectoryA
GetCurrentProcess
GetFileAttributesA
GetPrivateProfileIntA
GetLastError
GlobalFree
GetVersionExA
GetSystemInfo
FreeLibrary
CreateEventA
GlobalUnlock
FreeResource
SetFileTime
GlobalAlloc
ExitProcess
lstrcpyA
CreateFileA
GetCommandLineA
GetModuleHandleA
GetTempFileNameA
SetFileAttributesA
lstrcatA
SetConsoleFont
lstrcmpiA
DosDateTimeToFileTime
GetTempPathA
CreateProcessA
FindResourceA
GetModuleFileNameA
WriteFile
ResetEvent
GetCurrentDirectoryA
GetDriveTypeA
LoadResource
lstrlenA
SetEvent
GetShortPathNameA
_lclose
SetCurrentDirectoryA
GlobalSize
RaiseException
GetSystemDirectoryA
GetDiskFreeSpaceA
crypt32
CryptQueryObject
CertEnumCertificatesInStore
CertNameToStrW
CertFreeCertificateContext
CertCloseStore
ole32
OleDuplicateData
RegisterDragDrop
OleFlushClipboard
RevokeDragDrop
OleIsCurrentClipboard
DoDragDrop
gdi32
CreateCompatibleDC
CombineRgn
DeleteObject
StretchBlt
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateRectRgn
SelectObject
CreateFontA
CreatePen
CreateSolidBrush
advapi32
GetTokenInformation
SetSecurityInfo
OpenProcessToken
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueW
CreateProcessAsUserW
LookupAccountSidW
SetEntriesInAclW
shlwapi
PathFindExtensionW
PathFindFileNameW
comctl32
_TrackMouseEvent
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 110KB - Virtual size: 235KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ