5c55d5f9b5a9f2c425814978a4a0eb8d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c55d5f9b5a9f2c425814978a4a0eb8d_JaffaCakes118
Size

483KB
MD5

5c55d5f9b5a9f2c425814978a4a0eb8d
SHA1

912390731cdd69d7371eb6bc8773b7bd918f3dec
SHA256

9feea9ea492fd9e2bd0bde1002e0b4dbce39c43cbef2b31e9195960d7b442763
SHA512

a84b2e4270aa9718f5d87a7c8e6eb5cd22567917727c368fff8d567fdc53cd2611e6bfc58bed23786f4edff60b5077107ad957e64dcdd593bb48b90876fa6e7e
SSDEEP

12288:jgA5chMIcDDJySdL60q7zo+iOmoexagLOBn:kAahMIcxU02zUjoe1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c55d5f9b5a9f2c425814978a4a0eb8d_JaffaCakes118

Files

5c55d5f9b5a9f2c425814978a4a0eb8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd2d187c0b8d0b57a9446701dd6184a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\amue\fygje

Imports

user32

GetMenuInfo
IsRectEmpty
RegisterClassExA
GetSysColorBrush
CreateWindowExA
SetActiveWindow
SetWindowsHookW
BeginDeferWindowPos
ChangeDisplaySettingsW
GetInputState
RegisterClassA
GetListBoxInfo
InSendMessageEx
DefMDIChildProcA
ShowWindow
MessageBoxA

comdlg32

ChooseFontW
FindTextA
PageSetupDlgW
GetSaveFileNameA

kernel32

InterlockedIncrement
EnterCriticalSection
FreeEnvironmentStringsW
TlsSetValue
TerminateProcess
GetEnvironmentStringsW
CreateMutexA
GetStdHandle
EnumSystemLocalesA
OutputDebugStringA
SetFilePointer
RaiseException
HeapReAlloc
TlsFree
SetUnhandledExceptionFilter
GetFileType
GetDateFormatA
GetCurrentThread
CreateFileA
GetConsoleCP
GetTimeFormatA
GetStartupInfoA
LocalFlags
IsDebuggerPresent
WriteFile
GetEnvironmentStrings
CreateSemaphoreA
WriteConsoleA
GetCurrentProcessId
HeapCreate
GetVersionExA
IsValidCodePage
GetProcAddress
InitializeCriticalSection
GetModuleFileNameA
IsValidLocale
GetCurrentThreadId
WriteConsoleW
VirtualAlloc
WideCharToMultiByte
SetStdHandle
ExitProcess
OpenSemaphoreA
InterlockedDecrement
GetModuleHandleA
CloseHandle
MultiByteToWideChar
UnhandledExceptionFilter
ReadFile
DebugBreak
LeaveCriticalSection
GetTickCount
GetLocaleInfoA
HeapAlloc
IsBadReadPtr
GetLastError
GetACP
VirtualFree
FlushFileBuffers
LCMapStringA
GetTimeZoneInformation
LCMapStringW
RtlUnwind
GetConsoleMode
FreeLibrary
CompareStringW
GetCommandLineA
GetCurrentProcess
InterlockedExchange
lstrlenA
GetStringTypeA
GetProcessHeap
DeleteCriticalSection
FreeEnvironmentStringsA
CompareStringA
TlsGetValue
HeapDestroy
GetOEMCP
OutputDebugStringW
GetSystemTimeAsFileTime
LoadLibraryW
TlsAlloc
GetStringTypeW
GetLocaleInfoW
QueryPerformanceCounter
SetHandleCount
GetUserDefaultLCID
SetLastError
HeapFree
VirtualQuery
SetEnvironmentVariableA
LoadLibraryA
GetCPInfo
GetConsoleOutputCP
OpenMutexA
HeapValidate
GetModuleFileNameW
SetConsoleCtrlHandler

comctl32

InitCommonControlsEx

Sections

.text
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd2d187c0b8d0b57a9446701dd6184a4

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

kernel32

comctl32

Sections

.text Size: 318KB - Virtual size: 318KB

.rdata Size: 63KB - Virtual size: 71KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 318KB - Virtual size: 318KB

.rdata
Size: 63KB - Virtual size: 71KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 10KB - Virtual size: 9KB