5b4483a98559ab15ff1606686414d3a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b4483a98559ab15ff1606686414d3a5_JaffaCakes118
Size

394KB
MD5

5b4483a98559ab15ff1606686414d3a5
SHA1

40f67fbe0c0cf9722456f613310c970e8ec9ab3b
SHA256

3240109b87b97e8f969cec76f454b326b22b653836dca04e8eebad9ecf1f4a88
SHA512

0bb9bb8c3a0a23d8a47c9cfed8719fccc02ae726e6870b483c4ac631b3fcd1f9b0a64603c180a36db15a6c262450d5c101d5997b0b76ab0da534d0d368bc07ff
SSDEEP

12288:oglkWakgiOynbDkLyOV42b68u/XECceyf8fzQKaC:oglkvRRybgDf8rQK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b4483a98559ab15ff1606686414d3a5_JaffaCakes118

Files

5b4483a98559ab15ff1606686414d3a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e4f6926037dfa2a7bd2079288ed39355

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueExW

msvcrt

_controlfp
rand
isdigit
_except_handler3
_XcptFilter
_acmdln
__getmainargs
exit

kernel32

GetThreadTimes
TerminateThread
HeapDestroy
CreateEventA
LeaveCriticalSection
lstrcpyW
VirtualAllocEx
PostQueuedCompletionStatus
InterlockedDecrement
GetFileAttributesA
GetFileTime
SetNamedPipeHandleState
ReadFileScatter
GetThreadSelectorEntry
lstrlenW
CreateNamedPipeA
RtlZeroMemory
WriteFile
OpenThread
GetCurrentProcessId
HeapCompact
CreateFileA
EnterCriticalSection
GetTickCount
GetSystemTimeAdjustment
ReadFileEx
InterlockedIncrement
OpenFileMappingA
IsValidLocale
SuspendThread
RegisterWaitForInputIdle
EnumSystemLanguageGroupsA
GetSystemTimes
HeapAlloc
WriteFileEx
DosDateTimeToFileTime
GetFirmwareEnvironmentVariableA
GetSystemTime
ConvertDefaultLocale
HeapFree
TryEnterCriticalSection
SetFilePointer
GetQueuedCompletionStatus
ConnectNamedPipe
InterlockedExchange
InterlockedPushEntrySList
SetEnvironmentVariableA
MapViewOfFile
CreateFileMappingA
InterlockedCompareExchange
UnmapViewOfFile
HeapValidate
lstrcatA
SetFirmwareEnvironmentVariableA
SetThreadContext
GetThreadPriorityBoost
ResumeThread
SetThreadIdealProcessor
SetEvent
SetThreadAffinityMask
InitializeCriticalSection
GetEnvironmentVariableA
WaitNamedPipeA
ReadFile
GetSystemDefaultLangID
GetLocaleInfoA
GetSystemDefaultLCID
FileTimeToLocalFileTime
RtlFillMemory
HeapCreate
WaitForSingleObject
CreateThread
lstrcatW
CreateIoCompletionPort
InterlockedPopEntrySList

user32

GetDlgItemInt
ReleaseCapture
PostMessageW
SetDlgItemInt
IsIconic
ShowWindow
TranslateMessage
LoadAcceleratorsW
GetDC
RegisterClassW
LoadCursorW
DialogBoxParamW
InvalidateRect
SystemParametersInfoW
GetWindowDC

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4f6926037dfa2a7bd2079288ed39355

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msvcrt

kernel32

user32

Sections

.text Size: 235KB - Virtual size: 235KB

.data Size: 149KB - Virtual size: 148KB

.rsrc Size: 9KB - Virtual size: 376KB

.text
Size: 235KB - Virtual size: 235KB

.data
Size: 149KB - Virtual size: 148KB

.rsrc
Size: 9KB - Virtual size: 376KB