5c7572e875552e8166eb15c57e9a3219_JaffaCakes118

General

Target

5c7572e875552e8166eb15c57e9a3219_JaffaCakes118
Size

5.7MB
MD5

5c7572e875552e8166eb15c57e9a3219
SHA1

ee56fc5d6de941cb94173939654940682eb8641e
SHA256

23bdd320a43c72ff48777b3f898bf8e6414c142a31547d2be519389d1a30340a
SHA512

f9ac16bd193e1d72632b65898bcd6c616c7b16f52047bb58464bce31b6ca3f0bae3d65e49e1a2caae53b24e6788002054bdd91be53114cf97c20b155098322d5
SSDEEP

98304:P+dXW2cIdjbAblh9lo0lrelN5GNEpMPaWsP6p7kicLuR3M8w4qQDybk/bJYT7HcP:PWljClblo08AEyzo6Aa3MZe7DJ8cP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c7572e875552e8166eb15c57e9a3219_JaffaCakes118

Files

5c7572e875552e8166eb15c57e9a3219_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6c61b3710c8b0c72d61855180c31878

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
CommDlgExtendedError

user32

OemToCharBuffA
GetQueueStatus
GetWindowThreadProcessId
IsCharAlphaNumericW
ClientToScreen
SetWindowWord
OpenClipboard
ScrollDC
SetWindowPlacement
OemToCharBuffW
GetMessageA
AppendMenuA
VkKeyScanW
CharLowerBuffW
GetMenuStringW
InvalidateRgn
DrawFocusRect
GetDlgItemTextW
MessageBoxIndirectW
GetDC
RedrawWindow
GetWindowLongW
SendMessageCallbackW
DestroyWindow
SetUserObjectInformationW
CreateCursor
SetProcessDefaultLayout

version

VerFindFileA
VerInstallFileA
GetFileVersionInfoA

kernel32

GetCommConfig
FindFirstFileW
GetPrivateProfileSectionW
FileTimeToLocalFileTime
GetStartupInfoA
SetSystemTime
CloseHandle
GetPrivateProfileStringA
GetLargestConsoleWindowSize
FindCloseChangeNotification
SetConsoleActiveScreenBuffer
SetConsoleMode
ExitProcess
GetLongPathNameA

comctl32

ImageList_DrawIndirect

msvcrt

_wspawnvp
fseek
_mbsnicmp
_spawnvp
putc
_dup
fputs
_wsetlocale
memchr
setlocale
_getmbcp
_strlwr
fopen

Sections

.text
Size: 2KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6c61b3710c8b0c72d61855180c31878

Headers

File Characteristics

Imports

comdlg32

user32

version

kernel32

comctl32

msvcrt

Sections

.text Size: 2KB - Virtual size: 223KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5.4MB - Virtual size: 5.4MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 223KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5.4MB - Virtual size: 5.4MB

.rsrc
Size: 17KB - Virtual size: 16KB