5c5584e95182bf2129855d9ee325a95b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c5584e95182bf2129855d9ee325a95b_JaffaCakes118
Size

286KB
MD5

5c5584e95182bf2129855d9ee325a95b
SHA1

0a8fd4ff7850ce24442b9a41adc6b3755e3526e2
SHA256

b0f05e07b5e3f1cdb2265408d8aac44b316247c9ed68572e723989ba4d2fcb3d
SHA512

4340a1439a094229ab972809d0dcc7d0874e72e7dcc8a80fe6224010a09280970d02840e6a823b743a7ef2b11869f6d315cb931e8419b4a4140684688c672533
SSDEEP

6144:xTwOmDqiCq7v23TTV0bfgmcPz81dM2KiWF8ScT1VwozZ5UPeyT:xT7mDqdSv2DTVKfgmcA1dM2yiT1ln0eG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c5584e95182bf2129855d9ee325a95b_JaffaCakes118

Files

5c5584e95182bf2129855d9ee325a95b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4abe4e32fe3a6aac2380f7b5ce272857

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
lstrlenA
LoadLibraryW
ReadFile
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
lstrcmpiA
IsValidLocale
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
MoveFileExA
CloseHandle
GetCurrentThread
SetErrorMode
IsValidCodePage
lstrcatA
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
WideCharToMultiByte
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetLastError
SetFilePointer
GetLocaleInfoW

user32

LoadStringA
RegisterHotKey
PeekMessageA
MessageBoxA
IsWindowEnabled
PostMessageA
IsWindow
PeekMessageW
GetClassInfoW
GetSysColor
CopyImage
GetWindowTextA
CreateWindowExA
CloseWindow
GetForegroundWindow
GetDC
IsCharAlphaA

gdi32

Ellipse
CreateHatchBrush

advapi32

GetTokenInformation
OpenThreadToken

shlwapi

PathIsSameRootA
PathAddBackslashA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4abe4e32fe3a6aac2380f7b5ce272857

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 202KB - Virtual size: 202KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 202KB - Virtual size: 202KB