5bafb29deb4f4b5d4c677afa55318de8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5bafb29deb4f4b5d4c677afa55318de8_JaffaCakes118
Size

229KB
MD5

5bafb29deb4f4b5d4c677afa55318de8
SHA1

e8e329d10e4443dbd1f2e98be23e5d5915371a02
SHA256

f2492c7212ee19e6209dff8cbb2dbb657ca031d8d7d310cd8277c0d4857bb52f
SHA512

2d2a9f4162b2883eae02800e21fd3e680913f0164a8803b593aeb55aaf84c70158496c15afb137150fcb0e36eb0abcb31ded3c5174c0d256eb526a880c70dad5
SSDEEP

6144:BxZUB4jyqkx9L1KrMB4EtnImL+LzYRNiJx/dgF:BxZUQyFMWtFLSONiJx/dU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bafb29deb4f4b5d4c677afa55318de8_JaffaCakes118

Files

5bafb29deb4f4b5d4c677afa55318de8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c18e62e7e14ba130dfdc6a7152ab1b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

AddAtomW
CreateSocketHandle
EnumCalendarInfoExW
EnumDateFormatsA
ExitProcess
FindResourceW
GetCommState
GetCurrentThreadId
GetModuleFileNameA
GetOEMCP
GetProcessWorkingSetSize
GetStdHandle
GetStringTypeA
GetSystemDefaultLangID
GlobalAddAtomA
GlobalGetAtomNameA
GlobalUnWire
GlobalUnfix
InterlockedDecrement
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LockResource
OpenEventW
OutputDebugStringA
ResetEvent
SetCommMask
WritePrivateProfileStringA
WritePrivateProfileStringW
lstrcpyn

advapi32

AbortSystemShutdownA
AccessCheckAndAuditAlarmW
BuildExplicitAccessWithNameW
BuildImpersonateExplicitAccessWithNameW
ConvertSecurityDescriptorToAccessNamedA
CryptDecrypt
CryptDestroyKey
CryptEnumProviderTypesA
CryptGetDefaultProviderW
CryptImportKey
DuplicateTokenEx
FindFirstFreeAce
GetAclInformation
GetExplicitEntriesFromAclW
GetSecurityDescriptorControl
GetServiceKeyNameW
IsValidSecurityDescriptor
QueryServiceConfigA
RegConnectRegistryA
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegReplaceKeyW
ReportEventW
SetTokenInformation
StartServiceCtrlDispatcherA
TrusteeAccessToObjectA
TrusteeAccessToObjectW

user32

BroadcastSystemMessage
CharUpperW
CreateWindowStationW
DdeGetLastError
DdeQueryStringA
DestroyIcon
DialogBoxParamW
DlgDirListW
EndTask
EnumPropsW
GetGuiResources
GetKBCodePage
GetMenuItemInfoA
GetMenuState
GetMessagePos
GetTabbedTextExtentW
GetWindowLongW
IsClipboardFormatAvailable
LoadImageA
OpenDesktopA
PaintDesktop
RegisterClassExA
RegisterClassW
SetDoubleClickTime
SetWindowTextA
UnpackDDElParam
VkKeyScanExW
WindowFromPoint

Sections

.text
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c18e62e7e14ba130dfdc6a7152ab1b0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 8KB

.data Size: 226KB - Virtual size: 236KB

.idata Size: - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 224KB

.text
Size: 512B - Virtual size: 8KB

.data
Size: 226KB - Virtual size: 236KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 224KB