5c5b189834d3aee383a8e86cfc528818_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c5b189834d3aee383a8e86cfc528818_JaffaCakes118
Size

72KB
MD5

5c5b189834d3aee383a8e86cfc528818
SHA1

b1104394bf85a6750128003c86eb9c98dc7a9876
SHA256

cf616703ffa23bd04f29e181c9ad89205a165a2b0301f189423ab25e0ca6358b
SHA512

7ab07f0d5e26b133b6b1d4e75cae471e5a9858abf171ba7ddf61de2b64c4973c7a0864665f0449112645075bd0a152f34b368cd175b71d75ee2b24986174a60d
SSDEEP

768:YMNY8AA65VFH+QF5BrUxOAjpfT+irbhbxTqwFgHgMTFMr:YMg5VFHRF5Br+jpNLqHH12r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c5b189834d3aee383a8e86cfc528818_JaffaCakes118

Files

5c5b189834d3aee383a8e86cfc528818_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5aad495bee6d15b4c992f695a7d6aae7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

SetTimer
WaitMessage
ReleaseDC
MsgWaitForMultipleObjectsEx
GetSysColor
DispatchMessageA
IsChild
LoadCursorW
GetUserObjectInformationW
PostMessageW
SystemParametersInfoW
DispatchMessageA
RegisterWindowMessageA
DispatchMessageA
GetSystemMetrics
TranslateMessageEx
GetMessageW
GetThreadDesktop
GetUserObjectInformationW
MsgWaitForMultipleObjectsEx
GetDCEx
RealGetWindowClassA
MsgWaitForMultipleObjectsEx
GetShellWindow
TranslateMessageEx
CharUpperBuffW
ReleaseDC
GetShellWindow
GetLastInputInfo
GetWindowThreadProcessId

kernel32

WaitForSingleObject
SleepEx
CreateProcessW
GetStartupInfoA
LoadLibraryExA
SleepEx
GetSystemTimeAsFileTime
ReadProcessMemory
LoadLibraryExA
GetSystemTime
Sleep
CreateProcessA
ReadProcessMemory
CreateProcessW
DeviceIoControl
GetSystemTimeAsFileTime
WriteProcessMemory
ReadFile
GetStartupInfoW
WaitForSingleObject
GetSystemTime
VirtualProtect
GetSystemTime
Sleep
ReadFile
GetStartupInfoA
GetSystemTime
VirtualProtect
VirtualProtectEx
GetStartupInfoW
TerminateProcess
GetProcAddress
Sleep
GetLastError
LoadLibraryA
GetCommandLineA
SetHandleInformation
lstrcmpiA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
LoadLibraryExW
VirtualProtect
WriteProcessMemory
SleepEx
DeviceIoControl
GetSystemTime
DeviceIoControl
GetStartupInfoA
CreateFileA
LoadLibraryExA
ReadProcessMemory
WaitForSingleObject
DeviceIoControl
GetStartupInfoA
WaitForSingleObject
CreateProcessW
LoadLibraryExA
ReleaseMutex
CreateFileA
GetStartupInfoW
LoadLibraryA
LoadLibraryA
WaitForSingleObject
SleepEx
Sleep
GetStartupInfoA
LoadLibraryA
TerminateProcess
ReadProcessMemory
WaitForSingleObject
DeviceIoControl
WaitForSingleObjectEx
LoadLibraryExA
GetStartupInfoW
ReleaseMutex
ReadProcessMemory
TerminateProcess
LoadLibraryExA
ReadFile
CreateProcessW
Sleep
SleepEx
DeviceIoControl
CreateProcessW
CreateFileA
ReadFile
TerminateProcess
GetStartupInfoA
WriteProcessMemory
LoadLibraryA
ReadFile
Sleep
Sleep
GetStartupInfoA
GetStartupInfoA
GetSystemTimeAsFileTime
CreateProcessA
GetSystemTimeAsFileTime
LoadLibraryExW
TerminateProcess
WaitForSingleObjectEx
CreateProcessA
GetStartupInfoW
GetSystemTimeAsFileTime
GetStartupInfoW
ReadProcessMemory
DeviceIoControl
SleepEx
DeviceIoControl
WriteProcessMemory
WriteProcessMemory
LoadLibraryExA
GetStartupInfoW
GetSystemTimeAsFileTime
GetStartupInfoW
VirtualProtectEx
ReadFile
VirtualProtect
VirtualProtectEx
VirtualProtectEx
WaitForSingleObjectEx
ReadFile
CreateFileA
SleepEx
LoadLibraryExA
ReadProcessMemory
Sleep
TerminateProcess
GetSystemTime
DeviceIoControl
WaitForSingleObject
LoadLibraryA
VirtualProtectEx
GetSystemTime
CreateProcessW
CreateProcessA
VirtualProtectEx
SleepEx
LoadLibraryA
SleepEx
TerminateProcess
LoadLibraryExW
CreateProcessW
WaitForSingleObject
ReleaseMutex
WriteProcessMemory
GetStartupInfoA
SleepEx
GetSystemTimeAsFileTime
LoadLibraryExW
VirtualProtectEx
LoadLibraryExA
GetStartupInfoA
VirtualProtectEx
TerminateProcess
LoadLibraryExW
WaitForSingleObjectEx
WaitForSingleObject
GetSystemTime
CreateProcessW
WaitForSingleObject
LoadLibraryExW
ReadFile
WaitForSingleObjectEx
TerminateProcess
ReleaseMutex
GetStartupInfoW
Sleep
ReleaseMutex
SleepEx
TerminateProcess

advapi32

AccessCheck
OpenThreadToken
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCloseKey
AccessCheck
RegQueryValueExW
ImpersonateNamedPipeClient
AccessCheck
OpenThreadToken
ImpersonateNamedPipeClient
GetSecurityDescriptorDacl
AccessCheck
GetTokenInformation
RegOpenKeyExW
OpenThreadToken
RevertToSelf
ImpersonateNamedPipeClient
RegCloseKey

gdi32

SetTextColor
SetTextColor
RectVisible
CreateRectRgn
GetDeviceCaps
SetTextColor
ExtTextOutW
SelectObject
GdiProcessSetup
SelectObject
SetBkColor
GetViewportOrgEx
GetTextExtentPointW
GetClipRgn
GdiConsoleTextOut
ExtSelectClipRgn
GetHFONT
DeleteDC
GetCurrentObject
GdiConsoleTextOut

comdlg32

GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleW
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleA
GetFileTitleW
GetFileTitleA
GetFileTitleA
GetFileTitleW

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 92KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aad495bee6d15b4c992f695a7d6aae7

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 17KB - Virtual size: 20KB

.rdata Size: 29KB - Virtual size: 92KB

.data Size: 3KB - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 17KB - Virtual size: 20KB

.rdata
Size: 29KB - Virtual size: 92KB

.data
Size: 3KB - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB