5b4f7b20dd8ced50a6c46c117573a065_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b4f7b20dd8ced50a6c46c117573a065_JaffaCakes118
Size

253KB
MD5

5b4f7b20dd8ced50a6c46c117573a065
SHA1

57bae2e6520b430b05290896bd3bf5b5996324cc
SHA256

ddf75d208e27d96ff4a3643c6e7171382a2caa39d826c0ecc27874fd9e536a03
SHA512

0c00914ade6f4dcc04ee7d7e063bbacc87819809b1a98b2f0859e6d0b66cd53dbd7b2e3286da3eaf3d02664ce38b1c60ec2fafc483a0024a63f9b83706cdb3b8
SSDEEP

3072:Ju8UmyTkqb/+FI1ovZpydkvUadR0mqBB1iV6Dnic9SbffdJEORKFNjQLeSqq9LaZ:SmyTkryyhpydJaA3BGUiiyHm9sujV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b4f7b20dd8ced50a6c46c117573a065_JaffaCakes118

Files

5b4f7b20dd8ced50a6c46c117573a065_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21f315fcd51c7d5e1da60904e380e765

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoW
GetLastInputInfo

kernel32

RaiseException
OpenProcess
LoadLibraryExW
FreeLibrary
GetCurrentThreadId
UnhandledExceptionFilter
ProcessIdToSessionId
SizeofResource
CreateFileW
DeleteCriticalSection
lstrlenW
LeaveCriticalSection
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
HeapReAlloc
SetThreadExecutionState
FindResourceExW
WaitForMultipleObjects
EnterCriticalSection
LocalFree
HeapSize
WaitForSingleObject
GetSystemPowerStatus
ReadFile
HeapAlloc
LoadResource
IsDebuggerPresent
GetProcessHeap
GetFileSize
CloseHandle
FindResourceW
LocalAlloc
SetUnhandledExceptionFilter
DeviceIoControl
GetSystemTimeAsFileTime
FindClose
OutputDebugStringW
HeapFree
FindNextFileW
HeapDestroy
GetSystemInfo
GetLocalTime
FindFirstFileW
LockResource
VirtualAllocEx

ntdll

NtPowerInformation

esent

JetFreeBuffer
JetGetCursorInfo
JetRetrieveColumns
JetTerm
JetCreateTableColumnIndex
JetGetCurrentIndex
JetDefragment
JetAttachDatabase2
JetCreateDatabase2
JetSetColumnDefaultValue
JetExternalRestore2
JetRetrieveTaggedColumnList

clbcatq

GetCatalogObject

Sections

.dAlIyy
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_MEM_READ

.MjNtRKq
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gGWqpR
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PvXJVld
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fneb
Size: 1024B - Virtual size: 849B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wOwYv
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xfcBi
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oFCAwn
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tRee
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZFse
Size: 1024B - Virtual size: 609B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vXfhrdQ
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21f315fcd51c7d5e1da60904e380e765

Headers

File Characteristics

Imports

user32

kernel32

ntdll

esent

clbcatq

Sections

.dAlIyy Size: 1KB - Virtual size: 34KB

.MjNtRKq Size: 2KB - Virtual size: 9KB

.text Size: 18KB - Virtual size: 18KB

.gGWqpR Size: 1024B - Virtual size: 728B

.PvXJVld Size: 2KB - Virtual size: 1KB

.fneb Size: 1024B - Virtual size: 849B

.wOwYv Size: 2KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 179KB

.xfcBi Size: 2KB - Virtual size: 2KB

.rdata Size: 207KB - Virtual size: 207KB

.oFCAwn Size: 1024B - Virtual size: 588B

.tRee Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.ZFse Size: 1024B - Virtual size: 609B

.vXfhrdQ Size: 1KB - Virtual size: 1KB

.dAlIyy
Size: 1KB - Virtual size: 34KB

.MjNtRKq
Size: 2KB - Virtual size: 9KB

.text
Size: 18KB - Virtual size: 18KB

.gGWqpR
Size: 1024B - Virtual size: 728B

.PvXJVld
Size: 2KB - Virtual size: 1KB

.fneb
Size: 1024B - Virtual size: 849B

.wOwYv
Size: 2KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 179KB

.xfcBi
Size: 2KB - Virtual size: 2KB

.rdata
Size: 207KB - Virtual size: 207KB

.oFCAwn
Size: 1024B - Virtual size: 588B

.tRee
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.ZFse
Size: 1024B - Virtual size: 609B

.vXfhrdQ
Size: 1KB - Virtual size: 1KB