5c9219498dfc96ed20a7fed99483927b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c9219498dfc96ed20a7fed99483927b_JaffaCakes118
Size

36KB
MD5

5c9219498dfc96ed20a7fed99483927b
SHA1

275f248efa7c0462c295f6a6baaddcacd27ec7fd
SHA256

964441f9300a9bca040e878c7f82667f258e903a8a1ac2b233c4a2aadd73ab0f
SHA512

b7a5b467d32944643732e369dd77bcd05d46127a363ee28e870b8c15576cd5f7f59cffacc551def501003844e4a0fc903eea9471076cdca8d69f664b0d1535b5
SSDEEP

768:43WfKZx88LvTR+QX143+5NkfYuYWX67Bbu:q5Zx8kvTR+QXmmSfXB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c9219498dfc96ed20a7fed99483927b_JaffaCakes118

Files

5c9219498dfc96ed20a7fed99483927b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f0f9e99a3c17030358cc86b22a418ee1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
MessageBeep
SetDlgItemTextA
LoadStringA
PeekMessageA
CharPrevA
EnableWindow
CallWindowProcA
ExitWindowsEx
MessageBoxA
SetForegroundWindow
DispatchMessageA
GetDlgItem
GetDesktopWindow
SendMessageA
CharUpperA
GetWindowLongA
DialogBoxIndirectParamA
SetWindowPos
SetWindowLongA
MsgWaitForMultipleObjects
GetSystemMetrics
ShowWindow
GetDC
GetDlgItemTextA
SetWindowTextA
ReleaseDC
GetWindowRect
wsprintfA
SendDlgItemMessageA
CharNextA

kernel32

FreeResource
GetProcAddress
lstrcmpA
GetStartupInfoA
FindResourceA
GetCurrentProcess
CreateEventA
SetCurrentDirectoryA
GetCommandLineA
RemoveDirectoryA
GetFileAttributesA
FormatMessageA
EnumResourceLanguagesA
GetPrivateProfileIntA
DosDateTimeToFileTime
lstrcatA
GetSystemInfo
GetTempFileNameA
WriteFile
SetVolumeLabelA
GetPrivateProfileStringA
lstrcmpiA
GetVersionExA
LoadResource
GlobalUnlock
SetFilePointer
LoadLibraryExA
GetShortPathNameA
GetDiskFreeSpaceA
GlobalLock
FindFirstFileA
ResetEvent
SetFileAttributesA
_lopen
CloseHandle
CreateFileA
SizeofResource
CreateDirectoryA
_lclose
lstrcpyA
GetTempPathA
GetVolumeInformationA
FreeLibrary
CreateThread
SetFileTime
LocalFree
lstrcpynA
ExitProcess
LocalFileTimeToFileTime
FindNextFileA
IsDBCSLeadByte
GetSystemDirectoryA
SetEvent
SetUnhandledExceptionFilter
WritePrivateProfileStringA
GetExitCodeProcess
_llseek
CreateProcessA
GetModuleFileNameA
CreateMutexA
LocalAlloc
LockResource
UnhandledExceptionFilter
DeleteFileA
GetLastError
TerminateThread
GetDriveTypeA
GetModuleHandleA
lstrlenA
ReadFile
VirtualQuery
SetHandleInformation
GlobalAlloc
ExpandEnvironmentStringsA
GlobalFree
GetCurrentDirectoryA
GetWindowsDirectoryA
FindClose

advapi32

RegQueryValueExA
GetTokenInformation
AdjustTokenPrivileges
FreeSid
OpenProcessToken
RegCloseKey
LookupPrivilegeValueA
EqualSid
RegCreateKeyExA
AllocateAndInitializeSid
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA

gdi32

GetDeviceCaps

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eoqh
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0f9e99a3c17030358cc86b22a418ee1

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

version

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 120KB

.eoqh Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 259KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 120KB

.eoqh
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 259KB