5c8cd2b7924a1acf99a2e300629ee051_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c8cd2b7924a1acf99a2e300629ee051_JaffaCakes118
Size

515KB
MD5

5c8cd2b7924a1acf99a2e300629ee051
SHA1

183a1fd440198cc7da793e8223915fe8adce8a95
SHA256

f54b885eab0505a3d7cbb07ece51dcedee444f080edc67894a5507c3900aaa29
SHA512

fa1274090b70f038b69a6ecebccd10bfce25e13b4256c181b9fa59bf46283132cf9b04789f8e996e3c15e38cc5aef1d4a40bac8ff9ac590b575d714eb1bfbcf2
SSDEEP

6144:uxbFVPyl6HkhG9+/EiteLtKSLGL3S3aSGtZGtVGGNidJIaGTGK7GspbVGwd8xCuz:uxfu6Eh+cbO6RCuNAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c8cd2b7924a1acf99a2e300629ee051_JaffaCakes118

Files

5c8cd2b7924a1acf99a2e300629ee051_JaffaCakes118
.exe windows:5 windows x86 arch:x86

603aaabcf08b50ddc22642512268d192

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
CreateThread
InitializeCriticalSection
CreateEventA
GetVersion
ReleaseMutex
WideCharToMultiByte
lstrcmpW
DisconnectNamedPipe
FlushFileBuffers
WriteFile
ConnectNamedPipe
CreateNamedPipeA
ProcessIdToSessionId
GetCurrentProcessId
lstrcatA
GetSystemDirectoryA
ReadFile
lstrlenA
Sleep
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
OpenProcess
SetEvent
CloseHandle
WaitForSingleObject
EnterCriticalSection
CreateFileW
WriteConsoleW
SetStdHandle
MultiByteToWideChar
LCMapStringW
LoadLibraryW
HeapReAlloc
GetStringTypeW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
HeapSize
GetTickCount
LeaveCriticalSection
ResetEvent
lstrcpyA
CreateMutexA
GetLastError
CreateFileA
GetFileSize
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
OpenEventA
RaiseException
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

advapi32

DeleteService
CreateServiceA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenSCManagerA
CloseServiceHandle
OpenServiceA
ChangeServiceConfigA
ChangeServiceConfig2A
StartServiceA

user32

CharUpperW
RegisterWindowMessageA
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMenu
BeginPaint
SetRect
DrawEdge
EndPaint
PostQuitMessage
SystemParametersInfoA
DestroyWindow
DefWindowProcA
CreateWindowExA
SendMessageA
SetWindowTextW
ShowWindow
UpdateWindow
SetWindowPos
GetMessageA
TranslateMessage
DispatchMessageA
SetForegroundWindow
GetCursorPos
TrackPopupMenu
PostMessageA
GetMenuItemCount
DeleteMenu
AppendMenuW
EnableMenuItem
CheckMenuItem
LoadImageA
CreatePopupMenu
AppendMenuA
MessageBoxA
GetSystemMetrics

gdi32

SelectObject
GetObjectA
BitBlt
DeleteDC
CreateFontIndirectA
GetStockObject
DeleteObject
CreateCompatibleDC

shell32

ShellExecuteA
Shell_NotifyIconA

shlwapi

PathQuoteSpacesA
SHGetValueA
SHRegGetPathA
SHDeleteValueA
SHSetValueA
PathUnquoteSpacesA

comctl32

InitCommonControlsEx

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

603aaabcf08b50ddc22642512268d192

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

shlwapi

comctl32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 16KB

.rsrc Size: 303KB - Virtual size: 303KB

.reloc Size: 85KB - Virtual size: 88KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 16KB

.rsrc
Size: 303KB - Virtual size: 303KB

.reloc
Size: 85KB - Virtual size: 88KB