5c129afa0e1001d26efd90e6852e4197_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c129afa0e1001d26efd90e6852e4197_JaffaCakes118
Size

804KB
MD5

5c129afa0e1001d26efd90e6852e4197
SHA1

12a8c66dda346cea9acf726aaa1fcaeca438b747
SHA256

1b9f02cb63067f3e458ff9166d5ab9475aad2237eb9efec9a2424d0e768d9c1b
SHA512

7f4aa3e8c59372444bfafc499937b223d6e93d21567fe2fc76c06eb1a2a0f20facb2196e2198bb35a2246a58fd63e5d0adcecb0097e31f9ff088c16d8e90b33e
SSDEEP

12288:GMf2m5ka6lPwpLR8QYbcwmYwiz9smkcRM2pX/SUgxG:GK2m5kGUcFYwQzRM2pX6UR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c129afa0e1001d26efd90e6852e4197_JaffaCakes118

Files

5c129afa0e1001d26efd90e6852e4197_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1151f5bd29c7d0c2e512196c7a4f014

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetModuleHandleA
VirtualProtect
GetModuleHandleW
GetModuleHandleA
HeapAlloc
VirtualProtect
InterlockedExchange
GetProcessHeap
GetModuleHandleW
FreeLibrary
LocalAlloc
GetProcessHeap
GetProcessHeap
InterlockedIncrement
lstrcmpiW
LocalFree
LocalAlloc
FreeLibrary
DisableThreadLibraryCalls
CloseHandle
UnhandledExceptionFilter
LocalAlloc
ReadFile
GetModuleHandleA
DeleteCriticalSection
DeleteCriticalSection
GetModuleHandleA
DisableThreadLibraryCalls
FreeLibrary
FreeLibrary
InitializeCriticalSection
lstrcmpiW
HeapFree
Sleep
InterlockedIncrement
CreateFileW
CloseHandle
GetVersionExA
CreateEventW
EnterCriticalSection
GetModuleHandleA
LoadLibraryW
InterlockedCompareExchange
InitializeCriticalSection
GetModuleHandleW
InitializeCriticalSection
UnhandledExceptionFilter
GetModuleFileNameW
GetCurrentThreadId
CreateThread
Sleep
HeapDestroy
GetLastError
VirtualProtect
lstrlenA
InitializeCriticalSection
GetModuleHandleA
FreeLibrary
LeaveCriticalSection
HeapDestroy
HeapFree
QueryPerformanceCounter
InterlockedDecrement
GetModuleHandleA
CloseHandle
GetVersionExA
SetLastError
GetTickCount
GetTickCount
HeapDestroy
VirtualProtect
lstrcmpiW
VirtualProtect
GetModuleHandleW
FreeLibrary
InterlockedCompareExchange
QueryPerformanceCounter
LocalAlloc
GetProcessHeap
CreateThread
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

user32

GetDesktopWindow
IsDlgButtonChecked
DispatchMessageW
SendMessageW
IsDlgButtonChecked
GetWindowLongW
SetTimer
LoadStringW
GetWindowRect
MessageBoxW
SendDlgItemMessageW
GetDesktopWindow
TranslateMessage
ShowWindow
LoadStringW
EnableWindow
KillTimer
GetParent
DefWindowProcW
EnableWindow
GetDesktopWindow
GetParent
EnableWindow
SetFocus
SetForegroundWindow
DefWindowProcW
SetWindowLongW
ShowWindow
SetTimer
SetDlgItemTextW
CreateWindowExW
GetDlgItem
DialogBoxParamW
IsWindow
GetDesktopWindow
GetDesktopWindow
GetSysColor
wsprintfA
DispatchMessageW
DispatchMessageW
SetWindowPos
SetWindowLongW
GetParent
EndDialog
GetClientRect
GetDC
DialogBoxParamW
GetDesktopWindow
EndPaint
ReleaseDC
SetCursor
GetWindowRect
CharNextW
LoadCursorW
CharNextW
GetFocus
GetWindowRect
EndDialog
IsDlgButtonChecked
BeginPaint
CreateWindowExW
MessageBoxW
SendDlgItemMessageW
ReleaseDC
SendDlgItemMessageW
SetWindowTextW
GetDlgItem
KillTimer
EndDialog
PostMessageW
SetDlgItemTextW
GetSystemMetrics
MessageBoxW
LoadIconW
SetWindowLongW
GetDC
ReleaseDC
DefWindowProcW
ReleaseDC
SetWindowLongW
wsprintfA
SetWindowTextW
SetWindowLongW
SetWindowTextW
wsprintfA
IsWindow
TranslateMessage

Sections

.text
Size: 717KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1151f5bd29c7d0c2e512196c7a4f014

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 717KB - Virtual size: 968KB

.rdata Size: 4KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 717KB - Virtual size: 968KB

.rdata
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB