5ba467a20d1e9d35e7ede6b7de628141_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ba467a20d1e9d35e7ede6b7de628141_JaffaCakes118
Size

239KB
MD5

5ba467a20d1e9d35e7ede6b7de628141
SHA1

c1c3f4b2694ea9f00d63c988a8cb1dce5557b800
SHA256

d31dbe644e59349882ee607c71e4b3f11dfcaeab4649b585db9d4b6feed3f6e0
SHA512

a3b3c83d97e9fe7dc76ee254ec8553cd122fa5a30f5cb868cb0e24d2e01cd19544d9d8bde3a382e432e9318de8d0d1efe027ceee91d8f9db50dc0b76271d55b1
SSDEEP

3072:JVUPsc9P0Y88DUFD8Rqs9We5ds3tMPk4mCKBP6mq3SFCIf/E1PZKQaYXcRnOx8KJ:2j6Mq0Wsd8MPVKBP6j3op6AMcREJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba467a20d1e9d35e7ede6b7de628141_JaffaCakes118

Files

5ba467a20d1e9d35e7ede6b7de628141_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9556a10fa7c7da603231cbdc8224f8fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LockResource
IsDebuggerPresent
RaiseException
GetFileSize
EnterCriticalSection
GetQueuedCompletionStatus
DisableThreadLibraryCalls
ReadFile
HeapAlloc
GetComputerNameExW
FindResourceW
lstrlenW
WaitForSingleObject
SetUnhandledExceptionFilter
LoadResource
FindResourceExW
CreateEventW
HeapFree
GetCurrentThreadId
GetProcessHeap
HeapReAlloc
LocalAlloc
GetSystemInfo
LoadLibraryExW
HeapSize
RegisterWaitForSingleObject
SizeofResource
GetSystemTime
DeleteCriticalSection
CreateFileW
PostQueuedCompletionStatus
WaitForMultipleObjects
UnregisterWaitEx
CloseHandle
LocalFree
OutputDebugStringW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
CreateIoCompletionPort
HeapDestroy
LeaveCriticalSection
VirtualAlloc

ole32

IIDFromString

crypt32

CryptUnprotectData

mscms

CreateColorTransformW
SetColorProfileElement
RegisterCMMW
GenerateCopyFilePaths
GetPS2ColorRenderingIntent
SetColorProfileHeader
DeleteColorTransform
SetColorProfileElementSize

msctf

TF_CreateCicLoadMutex
TF_CreateInputProcessorProfiles

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RSIwHG
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bv
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hzfljM
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9556a10fa7c7da603231cbdc8224f8fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

crypt32

mscms

msctf

Sections

.text Size: 17KB - Virtual size: 16KB

.RSIwHG Size: 1024B - Virtual size: 4KB

.bv Size: 1KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.hzfljM Size: 512B - Virtual size: 6KB

.data Size: 213KB - Virtual size: 438KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 16KB

.RSIwHG
Size: 1024B - Virtual size: 4KB

.bv
Size: 1KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.hzfljM
Size: 512B - Virtual size: 6KB

.data
Size: 213KB - Virtual size: 438KB

.rsrc
Size: 3KB - Virtual size: 3KB