5add7c81c84b4be347af6e5f96c22753_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5add7c81c84b4be347af6e5f96c22753_JaffaCakes118
Size

396KB
MD5

5add7c81c84b4be347af6e5f96c22753
SHA1

9601c1654656f3e11f7b03d423533b957c27a7ab
SHA256

f29a261eab450cc27b11ebf1fa1ee5b98eaf8cc1a51c0998864afb39e4db8999
SHA512

b37f064d465fba82fca432fb07e13044c51e2461ade358201543938a870dda81c6d6edff18fea937bcbc569c7816dffc878152e43c3bea2c6553cbcb19c467cd
SSDEEP

3072:+xwQ+rEsjBs5HASTHOQKI3akwZbDLgjkj8L+AGg6HC:+HsFs5HAa/sTU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5add7c81c84b4be347af6e5f96c22753_JaffaCakes118

Files

5add7c81c84b4be347af6e5f96c22753_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c76e90d9e6a3bde7c193b3bb2cfe1551

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

comdlg32

GetSaveFileNameA

kernel32

WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
WaitForSingleObject
CloseHandle
CreateThread
SetThreadPriority
HeapAlloc
HeapCreate
HeapDestroy
Sleep
CreateFileA
ReadFile
SetFilePointer
FindResourceA
LoadResource
SizeofResource
GetFileSize
MapViewOfFile
UnmapViewOfFile
GetConsoleOutputCP
GetCurrentProcess
GetTickCount
WriteFile
GetProcAddress
CopyFileA
CreateFileMappingA
GetModuleHandleA
GetVersionExA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
WriteConsoleW
SetEndOfFile
EnterCriticalSection
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleW
ExitProcess
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
LockResource
GetFileType
DeleteCriticalSection
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
InitializeCriticalSectionAndSpinCount
VirtualAlloc

shell32

SHBrowseForFolder
SHGetSpecialFolderPathA
SHGetPathFromIDList

shlwapi

PathFileExistsA

user32

DialogBoxParamA
SetDlgItemTextA
SendDlgItemMessageA
LoadIconA
wsprintfA
GetWindowTextLengthA
SendMessageA
MessageBoxA
GetDlgItem
EndDialog
ReleaseCapture
GetDlgItemTextA

winmm

waveOutUnprepareHeader
waveOutGetPosition
waveOutRestart
waveOutPause
waveOutWrite
waveOutClose
waveOutReset
waveOutPrepareHeader
waveOutOpen

ole32

CoTaskMemFree

Sections

.Inc
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Inc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Inc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c76e90d9e6a3bde7c193b3bb2cfe1551

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

kernel32

shell32

shlwapi

user32

winmm

ole32

Sections

.Inc Size: 300KB - Virtual size: 300KB

.Inc Size: 80KB - Virtual size: 80KB

.Inc Size: 8KB - Virtual size: 8KB

.mackt Size: 4KB - Virtual size: 4KB

.Inc
Size: 300KB - Virtual size: 300KB

.Inc
Size: 80KB - Virtual size: 80KB

.Inc
Size: 8KB - Virtual size: 8KB

.mackt
Size: 4KB - Virtual size: 4KB