5c72d4bf537436343f6fdf6319dbe646_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c72d4bf537436343f6fdf6319dbe646_JaffaCakes118
Size

342KB
MD5

5c72d4bf537436343f6fdf6319dbe646
SHA1

ab2771be1dea163eac620675e4fbb950087fa0d9
SHA256

4bc5126a29d99678a4ec2a4d693c5dc01f294a436ce650d0275148ba292342ba
SHA512

28be7bfedc99d0738dd3b53704f6396d8ef9f9336813d9f6b2ac41d6f013e849935fda7e8617560597599e7bccfd58697cf48968b29ae01ea3b7f6f96995ab5b
SSDEEP

6144:+dpeRrO/jvW56ydX3RzCDufHk6Fps3YLxKrtk+Zd8ZAOtrGmfZ:O02CYgRzQAk6FpGY89KAOtrG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c72d4bf537436343f6fdf6319dbe646_JaffaCakes118

Files

5c72d4bf537436343f6fdf6319dbe646_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ebecb25bc7dfe981dd0c9448f7ef4ed6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgCtrlID
CascadeWindows
MapDialogRect
SetDlgItemInt
ChildWindowFromPoint
EnumChildWindows
ShowOwnedPopups
IsIconic
IsWindowUnicode
IsWindow
GetWindowThreadProcessId

ole32

StgCreateDocfileOnILockBytes
StgIsStorageILockBytes
OleSaveToStream
CreateDataAdviseHolder
CreateBindCtx
CoReleaseMarshalData
OleCreateFromFileEx
FmtIdToPropStgName
OleCreateLink
CoInstall
OleCreateMenuDescriptor
ReadClassStm
CoCreateInstance
IsAccelerator

oledlg

ord9
ord3
ord1
ord12
ord11
ord8
ord10
ord2
ord4
ord5
ord6

advapi32

RegSetValueExA
RegEnumValueA
RegLoadKeyA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA

kernel32

GetStringTypeA
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetStringTypeW
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
RtlUnwind
GetEnvironmentStringsW
LocalFlags
HeapWalk
LocalSize
GetSystemDefaultLangID
HeapValidate
VirtualProtect
GlobalFree
GlobalAlloc
GlobalMemoryStatus
GetNumberFormatA
IsBadWritePtr
ReleaseSemaphore
SetLocaleInfoA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WriteProfileStringA
GetProfileSectionA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boemy
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebecb25bc7dfe981dd0c9448f7ef4ed6

Headers

File Characteristics

Imports

user32

ole32

oledlg

advapi32

kernel32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 208KB - Virtual size: 712KB

.boemy Size: 92KB - Virtual size: 91KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 208KB - Virtual size: 712KB

.boemy
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 3KB