5c33e2cf6e1584d00aa8dad7cee64449_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c33e2cf6e1584d00aa8dad7cee64449_JaffaCakes118
Size

869KB
MD5

5c33e2cf6e1584d00aa8dad7cee64449
SHA1

b197802d666c1b80510d3371fc566d7e8537aa4f
SHA256

2a1df49215915b943a996892f54b33de6797a4d5a99ad09e51d73ea9adaa546a
SHA512

3cd63532a65686595533af97605695e3235336cec926680b8324d462592842ff8889406f05834c55ed67c8855924c493bcf6fb70d14f20d7d800ba1a31df6ea3
SSDEEP

24576:ZOL3oFOeQpwqAsjrQ0FGpqMC3Y6yEyIMD6PAKHcz1dK:AoQeQpBAUzFG7wnyEyI66PAzfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c33e2cf6e1584d00aa8dad7cee64449_JaffaCakes118

Files

5c33e2cf6e1584d00aa8dad7cee64449_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9f17714fb990fb75bfe1377ea09a127

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA

comctl32

ImageList_AddMasked
ord17
ImageList_ReplaceIcon

gdi32

CreateDCW
GetBrushOrgEx
CreateBitmapIndirect
MoveToEx
SelectPalette
SetTextJustification
GetEnhMetaFileDescriptionA
GetClipRgn

kernel32

GetBinaryTypeA
WaitNamedPipeA
ExitProcess
GetSystemTimeAsFileTime
GetFullPathNameA
IsBadStringPtrA
CreateDirectoryW
LocalLock
GetTimeZoneInformation
ExpandEnvironmentStringsW
FindNextChangeNotification
SetProcessAffinityMask
GetModuleHandleA
FreeLibraryAndExitThread
WriteConsoleOutputCharacterA
SetCurrentDirectoryA
VirtualAllocEx
FreeLibrary
FreeResource
EndUpdateResourceA
IsValidLocale
CreateMutexW
EnumSystemCodePagesW
EnumCalendarInfoA
SetHandleCount
InitializeCriticalSection
lstrcmpiA
GetProcessTimes
ReadDirectoryChangesW
GetOEMCP
DuplicateHandle
GetModuleFileNameW
GetTempPathW
AreFileApisANSI
SetCommTimeouts
GetTempFileNameA
MultiByteToWideChar
VirtualFree

ws2_32

select
WSARecv
ntohl
WSAAsyncGetProtoByNumber
WSAConnect
WSAGetServiceClassNameByClassIdW
WSAIsBlocking

user32

SendNotifyMessageW
SetMenuItemBitmaps
AdjustWindowRect
AdjustWindowRectEx
ShowWindow

msvcrt

vfprintf
_unlink
strftime
sscanf
wcscspn
_dup2
difftime
_mbctolower
fscanf
_wtoi
_mbscat
_c_exit
_waccess
_close
strtoul
_wcsnset
_ltoa
_stricoll
strpbrk
towlower
_fdopen
vsprintf
ungetc
_ltow
strtol

Sections

.text
Size: 6KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 611KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9f17714fb990fb75bfe1377ea09a127

Headers

File Characteristics

Imports

version

comctl32

gdi32

kernel32

ws2_32

user32

msvcrt

Sections

.text Size: 6KB - Virtual size: 222KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 611KB - Virtual size: 611KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 222KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 611KB - Virtual size: 611KB

.rsrc
Size: 17KB - Virtual size: 16KB