5b80b801803564bdc38e9f8387c422b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b80b801803564bdc38e9f8387c422b7_JaffaCakes118
Size

400KB
MD5

5b80b801803564bdc38e9f8387c422b7
SHA1

45dbd168b1d5d2da0dfd9ad7bb38cc121ca42072
SHA256

4003e0cbad116d544284ea324905be458cbcaf7f064d9f95a19f1bac10b04bfc
SHA512

0b00f3664f2c646b73fa1d9b9270b58274cb9c29453e2bb33d4bd0472c3496fcad6f8c5feb7faf5a614baa6ddf6f815b3cfef594c882c9894978ce0c1567473c
SSDEEP

3072:LQyqRV7vHL8AfFx6GbtaT2LvFvBEvLPk/bZJ5WVTLBceYGUTvfsYS9mgs:LuRV7QUx6GsT2LvFvevw8V+eY7Tv0Yp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b80b801803564bdc38e9f8387c422b7_JaffaCakes118

Files

5b80b801803564bdc38e9f8387c422b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b876fc8496363a3488f5fc129564bbff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastConsoleEventActive
GetVersionExA
GetExitCodeProcess
VerifyVersionInfoA
FindNextFileA
RegisterWaitForInputIdle
SetConsolePalette
SetConsoleMode
IsBadReadPtr
SetPriorityClass
GetPrivateProfileIntA
OpenFileMappingA
SetConsoleMenuClose
lstrcat
GetVolumePathNameA
SetFirmwareEnvironmentVariableA
GetLogicalDriveStringsA
ProcessIdToSessionId
ReadConsoleOutputAttribute
GetConsoleKeyboardLayoutNameA
CreateWaitableTimerA
ReleaseSemaphore
GetDiskFreeSpaceA
GetConsoleMode
GetConsoleOutputCP
GetModuleFileNameA
GetFileSize
LZDone
RaiseException
GetLogicalDrives
SizeofResource
WritePrivateProfileStructA
RegisterWaitForSingleObject
SetConsoleHardwareState
CreateTimerQueueTimer
GetFileTime
GlobalMemoryStatus
SetCommBreak
HeapDestroy
GetVersion
SetFileValidData
GetCurrentProcessId
FileTimeToSystemTime
GetEnvironmentStringsA
PostQueuedCompletionStatus
PulseEvent
OpenProcess
SetConsoleCP
GetSystemTimes
GetAtomNameA
GetConsoleCursorMode
GetThreadContext
GetDllDirectoryA
WritePrivateProfileStringA
GetSystemWindowsDirectoryA
GetConsoleMode
GetPrivateProfileSectionNamesA
GlobalFindAtomA
GetThreadTimes
GetSystemDirectoryA
GetFileAttributesExA
GlobalFix
SetSystemTime
GetNumberOfConsoleFonts
FindFirstVolumeMountPointW
HeapCreate
SetInformationJobObject
DuplicateHandle
GetTickCount
SizeofResource
CallNamedPipeA
VirtualProtectEx
CreateEventA
VirtualAlloc
FindCloseChangeNotification
GetComputerNameExA
ReadConsoleOutputAttribute
GetConsoleAliasExesA
SetVolumeLabelA
GetFileSizeEx
CancelWaitableTimer
HeapFree
ReplaceFileA
WriteConsoleOutputA
lstrcpynA
GetCurrentDirectoryA
GetDateFormatA
GetExitCodeThread
PurgeComm
MoveFileA
WriteConsoleOutputCharacterA
IsProcessorFeaturePresent
ReadConsoleA
SetSystemTimeAdjustment
GetTickCount
SetConsoleHardwareState
GetSystemWindowsDirectoryA
WriteConsoleOutputCharacterA
IsValidLanguageGroup
GetConsoleCommandHistoryLengthA
GetConsoleTitleA
SetVolumeLabelA
OpenEventA
PulseEvent
GetStringTypeExA
GetVolumePathNamesForVolumeNameA
GetDllDirectoryA
RegisterWaitForSingleObjectEx
DisconnectNamedPipe
GetVersionExA
OpenMutexA
GetThreadLocale
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetThreadTimes
GetStringTypeA
IsSystemResumeAutomatic
GetWriteWatch
GetEnvironmentVariableA
GlobalUnWire
Process32First
GetFileSizeEx
GetFileAttributesA
BuildCommDCBAndTimeoutsA
WaitForMultipleObjectsEx
CopyFileExW
GetConsoleTitleA
GetModuleFileNameA
lstrcmpiA
IsWow64Process
GetProcessPriorityBoost
GlobalGetAtomNameA
Process32First
GetSystemTime
lstrcmpiA
GetTempPathA
GetFileAttributesExA
_lwrite
OpenMutexA
MoveFileWithProgressA
EnumResourceTypesA
CallNamedPipeA
GetConsoleTitleA
SetFileAttributesA
GetDefaultCommConfigA
GetFullPathNameA
GetFileAttributesA
GetVolumePathNamesForVolumeNameA
SetSystemPowerState
GetVersionExA
Module32Next
GetTempPathA
ReadConsoleA
WriteConsoleInputA
UnregisterWait
SetConsoleCursorMode
GetLocaleInfoA
SetConsoleActiveScreenBuffer
GetPrivateProfileIntA
LoadLibraryExA
IsWow64Process
FindVolumeClose
GetEnvironmentVariableA
FindVolumeMountPointClose
OpenWaitableTimerA
GetProfileStringA
Heap32Next
SetThreadAffinityMask
SetConsoleCursorPosition
OpenSemaphoreA
GetProcessHeap
GetProcessHeap
ExpandEnvironmentStringsA

user32

GetFocus
GetWindowRgn
RemovePropA
InflateRect
TrackPopupMenuEx
GetMenuInfo
GetCursorFrameInfo
SetCursorPos
CharUpperBuffW
GetKeyNameTextA
SetWinEventHook
FreeDDElParam
GrayStringA
GetAltTabInfoA
UnhookWindowsHook
CreateAcceleratorTableA
GetDlgItemTextA
CreateDialogParamA
RegisterLogonProcess
RealChildWindowFromPoint
ModifyMenuA
GetCaretPos
MessageBoxTimeoutW
TrackMouseEvent
SetMenu
TabbedTextOutA
ShowStartGlass
AlignRects
FindWindowA
ChangeDisplaySettingsExA
GrayStringA
RegisterClassA
SetMenuContextHelpId
DlgDirListA
GetMonitorInfoA
EnterReaderModeHelper
IsCharLowerA
QuerySendMessage
ToAsciiEx
GetClipboardOwner
DefRawInputProc
ReplyMessage
CloseClipboard
ReplyMessage
SwitchDesktop
GetCaretBlinkTime
OemToCharBuffW
ShowWindowAsync
AnyPopup
SetDeskWallpaper
RegisterMessagePumpHook
BuildReasonArray
HideCaret
CopyRect
InsertMenuItemA
ChangeDisplaySettingsExW
GetWindowLongA
GetWindowModuleFileNameA
ClipCursor
CreateCursor
SetClassWord
GetWindowPlacement
GetMenuItemInfoA
HiliteMenuItem
GetProcessDefaultLayout
FlashWindowEx
GetWindowTextA
RealGetWindowClassA
DispatchMessageA
GetNextDlgGroupItem
DefMDIChildProcA
GetWindowLongA
CallMsgFilterA
AppendMenuA
MenuItemFromPoint
CallMsgFilterA
SetCursor
CharNextExA
PostThreadMessageA
CreateIconIndirect
TrackMouseEvent
GrayStringA
ToUnicode
EnumPropsA

ws2_32

closesocket

Exports

Exports

IsLmfnhqerq
Ukiuwrtt
Ceqioglnsoh
BeginRkiudfulj
IsRphobeiihn
SetPyclyehxfyg

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b876fc8496363a3488f5fc129564bbff

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 52KB - Virtual size: 663KB

.idata Size: 256KB - Virtual size: 255KB

.rsrc Size: 88KB - Virtual size: 86KB

.itext
Size: - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 663KB

.idata
Size: 256KB - Virtual size: 255KB

.rsrc
Size: 88KB - Virtual size: 86KB