5b1f8a6bf5fdbae6e5dbba4e2a272e0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b1f8a6bf5fdbae6e5dbba4e2a272e0c_JaffaCakes118
Size

636KB
MD5

5b1f8a6bf5fdbae6e5dbba4e2a272e0c
SHA1

00faa52f8513a12b1b923db16746d5439da7f216
SHA256

48a66525db277304cac5a5ed1b284e63d9f70ba2496645ea03f6ae8e31ba24d8
SHA512

7121298ea25a1f6f2483994ebd848afdbfa7553bcad0fd379dcc777349ced647deff3dbf3c9eac1f72e213e9b292de7733a7aa378e0b260a968281d1c0d679cd
SSDEEP

12288:404v+aoZnLTpE+CvltvvdvGG3yBuJo/I24ZVOVbtf:404v9oFpOdvJ3yXtWV2btf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1f8a6bf5fdbae6e5dbba4e2a272e0c_JaffaCakes118

Files

5b1f8a6bf5fdbae6e5dbba4e2a272e0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f8fcc1ac8c5c1489ab836dde82bca27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetTimeFormatA
GetTempPathA
InterlockedIncrement
GetStartupInfoA
TlsAlloc
GetVersionExA
GetLogicalDrives
VirtualQuery
EnumSystemLocalesW
IsValidCodePage
InterlockedExchange
SetLocaleInfoA
UnhandledExceptionFilter
GetEnvironmentStringsW
MultiByteToWideChar
HeapDestroy
GetProcessHeap
TlsSetValue
GetLocaleInfoW
SetEnvironmentVariableA
EnterCriticalSection
GetThreadContext
GlobalAddAtomW
HeapSize
SetConsoleActiveScreenBuffer
HeapAlloc
GetTickCount
CompareStringW
WriteConsoleOutputCharacterA
TlsFree
EnumSystemLocalesA
ReadConsoleOutputCharacterW
GetStringTypeA
SetLastError
Sleep
GetLastError
GetDateFormatA
EnumResourceLanguagesW
GetCurrentThread
WideCharToMultiByte
TerminateThread
DebugBreak
WriteConsoleW
GetShortPathNameW
LoadLibraryA
VirtualFree
GetProcAddress
WritePrivateProfileStringA
VirtualQueryEx
IsDebuggerPresent
GetCommandLineW
GetPrivateProfileSectionNamesW
RtlUnwind
RtlFillMemory
SetFilePointer
GetFullPathNameA
WriteConsoleA
ReadFile
FreeEnvironmentStringsA
GetUserDefaultLCID
GetPrivateProfileIntA
OutputDebugStringA
GetAtomNameW
InterlockedDecrement
FreeLibrary
GlobalGetAtomNameA
GetConsoleMode
GetCurrentProcess
GetStringTypeW
GetLocalTime
AddAtomA
InitializeCriticalSectionAndSpinCount
MapViewOfFile
HeapCreate
lstrcmp
GetStringTypeExA
GetOEMCP
GetCommandLineA
GetModuleHandleA
GetSystemTimeAsFileTime
ReadConsoleOutputA
SetTimeZoneInformation
FreeEnvironmentStringsW
GetModuleFileNameW
FormatMessageA
GetStdHandle
lstrcpyA
SetWaitableTimer
GetLocaleInfoA
FindNextChangeNotification
CompareStringA
ReadConsoleW
CreateMutexA
FreeResource
EnumResourceTypesW
CreateFileMappingW
FoldStringA
GetACP
TransmitCommChar
CreateFileA
CreatePipe
LeaveCriticalSection
SetThreadContext
LCMapStringW
ExitProcess
GlobalFindAtomA
WriteFile
EnumSystemCodePagesA
GetShortPathNameA
OpenFileMappingW
UnmapViewOfFile
GetSystemInfo
OpenMutexA
LocalHandle
GetNamedPipeHandleStateA
GetFileType
GetEnvironmentStrings
FileTimeToSystemTime
QueryPerformanceCounter
SetEvent
TerminateProcess
GetCPInfo
CreateEventW
GetCurrentThreadId
CloseHandle
WaitForMultipleObjectsEx
FlushFileBuffers
SetHandleCount
GetConsoleOutputCP
GetComputerNameA
ReadFileEx
DeleteCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetCompressedFileSizeW
SetUnhandledExceptionFilter
InitializeCriticalSection
WriteProfileStringA
TlsGetValue
SetStdHandle
SetConsoleCtrlHandler
lstrcpyW
HeapReAlloc
lstrcpyn
VirtualAlloc
LCMapStringA
GetConsoleCP
IsValidLocale
CreateDirectoryExA
GetTimeZoneInformation
GetThreadPriorityBoost
EnumDateFormatsW
EnumResourceNamesA
GetStartupInfoW

comctl32

ImageList_DrawIndirect
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_Write
InitMUILanguage
CreatePropertySheetPage
CreateStatusWindow
GetEffectiveClientRect
ImageList_DragEnter
DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_Copy
ImageList_SetBkColor
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_Replace
ImageList_SetOverlayImage
MakeDragList
ImageList_Remove
InitCommonControlsEx

user32

GrayStringW
SetWindowRgn
RegisterClassA
BeginDeferWindowPos
GetDialogBaseUnits
ScrollWindow
EmptyClipboard
CharToOemA
CopyAcceleratorTableA
SetMessageExtraInfo
InvertRect
InflateRect
OpenWindowStationA
CheckMenuRadioItem
DefWindowProcA
GetMenuBarInfo
SetMenuItemInfoA
UnpackDDElParam
LoadIconA
LoadAcceleratorsA
OpenWindowStationW
DrawCaption
GetScrollPos
IsCharUpperA
DefFrameProcW
SetWindowsHookExA
MsgWaitForMultipleObjects
CreateAcceleratorTableA
DialogBoxIndirectParamW
SetWinEventHook
DlgDirListComboBoxA
GetUserObjectInformationA
GetClassInfoExW
ExitWindowsEx
IsCharAlphaNumericW
GetMessageTime
LookupIconIdFromDirectoryEx
RegisterClassExA
ChildWindowFromPointEx
KillTimer
DestroyMenu
ChangeMenuA
CloseDesktop
BroadcastSystemMessageA
UnhookWindowsHook
InsertMenuItemA
SetClassLongA

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f8fcc1ac8c5c1489ab836dde82bca27

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 124KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 124KB

.rsrc
Size: 68KB - Virtual size: 64KB