5bb19e87fcc5b18ab2b7ee7e0929c16f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5bb19e87fcc5b18ab2b7ee7e0929c16f_JaffaCakes118
Size

172KB
MD5

5bb19e87fcc5b18ab2b7ee7e0929c16f
SHA1

11b427843e916b74de6255f021d9e27a00d1543b
SHA256

31d5d9ad2eda613a526e39a26ef07b6fcfc1897b26043be3cf60a64c719a411f
SHA512

b89830bcb834a52b15ec5e7660d66fd98f54d95817a194f9c55cb4bba682675f851bd6d12c1c1bc1a3f7e6b3677c18085fb72dd9ef210ee32534d7dc2441c36d
SSDEEP

1536:op/bfWQdLnxoL0Sa4PB0UsOQurR3IMKEq4ct5UZb:oVeQALWzmzrFINEq4ct5UZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bb19e87fcc5b18ab2b7ee7e0929c16f_JaffaCakes118

Files

5bb19e87fcc5b18ab2b7ee7e0929c16f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1c6bd7ab92c3d16f273248da089091be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
HeapReAlloc
HeapReAlloc
SetEvent
VirtualFree
GetCurrentProcessId
FormatMessageW
GetStartupInfoW
WideCharToMultiByte
lstrlenW
HeapAlloc
GetCommandLineW
Sleep
InitializeCriticalSection
GetVersionExA
ReadFile
InterlockedIncrement
GetCommandLineW
HeapReAlloc
GetModuleHandleW
SetEvent
Sleep
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
lstrlenW
LocalAlloc
GetVersionExA
UnhandledExceptionFilter
lstrcpyW

user32

GetWindow
SetCursor
InvalidateRect
GetWindow
GetWindow
DrawTextW
GetWindow
IsWindow
MessageBoxW
FindWindowW
wsprintfW
GetDesktopWindow
GetWindowRect
GetDC
SetForegroundWindow

advapi32

RegSetValueExW
AllocateAndInitializeSid
GetLengthSid
AdjustTokenPrivileges
CloseServiceHandle
CloseServiceHandle
RegQueryValueExW
FreeSid
RegSetValueExW
RegOpenKeyExW

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c6bd7ab92c3d16f273248da089091be

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

Size: 148KB - Virtual size: 160KB

Size: 1024B - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 2KB - Virtual size: 2KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�vmp0
Size: 2KB - Virtual size: 2KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB