5b9950f96257bc8b621ae5a83f1b47c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b9950f96257bc8b621ae5a83f1b47c7_JaffaCakes118
Size

136KB
MD5

5b9950f96257bc8b621ae5a83f1b47c7
SHA1

87bed923bff3df21b32131876f25ce8a8ffbe43a
SHA256

ce1e5e15029fd8b269add4862d8729f4766fb702f88f2a89e9ea7964143a2256
SHA512

dd91c54dee3d5fea7cff3c59b00d78283a864bef24f78d9944c16f1865ec48de9bcbcb4d46b3be3d38b4695e44a1c8eb52f3a5c16ff6acfa8fac0a68c16d522f
SSDEEP

3072:EOt8sYoK4IjO6y0HJqbtLpx7wyWDhJLQmK1pYLMlG6nn:tGLZHgbtLnwBDfLoIglG6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b9950f96257bc8b621ae5a83f1b47c7_JaffaCakes118

Files

5b9950f96257bc8b621ae5a83f1b47c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e9e8314ecbec82422d2025eea053b67b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy

shlwapi

StrFormatByteSizeW
PathIsContentTypeA
SHRegEnumUSKeyA
ord156
StrCmpNW
SHRegSetPathA

shell32

ord100
SHGetFolderPathW

kernel32

lstrcmpiA
GetProcAddress
GetSystemInfo
lstrcmpiW
GetModuleHandleA
lstrcatW
OpenFile
SetFilePointer
PeekNamedPipe
SetFilePointerEx
_lclose
GetTempPathW
EnumResourceTypesA
HeapDestroy
GetHandleInformation
GetLongPathNameW
GetAtomNameA
LocalAlloc
SetThreadIdealProcessor
WaitForMultipleObjects
GetFileTime
_lopen
CloseHandle
GetThreadTimes
CopyFileExA
DeleteFileA
lstrcpyA
LoadLibraryW
FormatMessageA
GetModuleHandleW
FindResourceA
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
FileTimeToDosDateTime
ClearCommBreak

user32

RemovePropW
EnumPropsW
EndPaint
LoadCursorA
IsWindowVisible
CharUpperW
CreateIcon
GetWindowPlacement
GetForegroundWindow
DlgDirListA
SetFocus
CharUpperBuffW
SetMenuItemBitmaps
InvalidateRgn
SendMessageA
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
DispatchMessageA
SetMenuItemInfoA
GetPropW
GetDC
GetDesktopWindow
PostMessageW
LoadCursorFromFileA
SetWindowTextW

gdi32

UpdateColors
SetTextCharacterExtra
OffsetClipRgn
AngleArc
SetBkColor
LineTo
SetViewportExtEx
GetSystemPaletteEntries
CreateScalableFontResourceW
GetCharWidth32A
SetBoundsRect
ExtCreateRegion
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
CreateCompatibleBitmap
GetBitmapBits

advapi32

PrivilegedServiceAuditAlarmW
EqualPrefixSid
EqualSid
ObjectDeleteAuditAlarmA
GetSidLengthRequired

Exports

Exports

_Copy_Jpeg@12
_Create_Jpeg@12
_Set_Jpeg@12
_Update_Jpeg@12

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 710B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9e8314ecbec82422d2025eea053b67b

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.code Size: 7KB - Virtual size: 7KB

.data Size: - Virtual size: 160B

.vars Size: 512B - Virtual size: 424B

.zero Size: 512B - Virtual size: 512B

.const Size: 512B - Virtual size: 44B

IMPORT Size: 3KB - Virtual size: 3KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 710B

.text
Size: 6KB - Virtual size: 5KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: - Virtual size: 160B

.vars
Size: 512B - Virtual size: 424B

.zero
Size: 512B - Virtual size: 512B

.const
Size: 512B - Virtual size: 44B

IMPORT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 710B