5ca44d566b9d2eef62f243304c28b1b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ca44d566b9d2eef62f243304c28b1b3_JaffaCakes118
Size

65KB
MD5

5ca44d566b9d2eef62f243304c28b1b3
SHA1

0e03dce251df354d813ec1271a6f17f0e22d0c57
SHA256

00aa16b3c7fb769b24dc0136b5dfdf7ff51ecf963028f6fe2c064322d15188f3
SHA512

4c25bacb36f20fa53b3c2c6b4bbc41b9fe865e71575f41afe4f0f07bc7c221870e1a841e7ca67f149971c82df598f9026a2c475e8bd935554d568dea507c8752
SSDEEP

768:/GiTkiH27mrvtRU9wGo+UuDQNG3i50AMim9I1Mzc8c8+cMzk0:/VXH20lRUGgUuDQNb1pAc803zz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ca44d566b9d2eef62f243304c28b1b3_JaffaCakes118

Files

5ca44d566b9d2eef62f243304c28b1b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68fce2662a64a6152b3433b37ff64719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW
LoadResource
FreeLibrary
GetLogicalDrives
lstrcmpiW
OpenEventW
GetDateFormatW
SystemTimeToFileTime
GetSystemDirectoryW
GetWindowsDirectoryW
LocalFree
CreateDirectoryW
GetTempPathW
LocalAlloc
RemoveDirectoryW
lstrlenA
lstrlenW
lstrcpynW
SetUnhandledExceptionFilter
IsDebuggerPresent
lstrcpyW
WaitForSingleObject
CreateEventW
MoveFileW
ExpandEnvironmentStringsA
GetModuleHandleW
GetCurrentThreadId
GetModuleHandleA
GetProcAddress

user32

PeekMessageW
GetForegroundWindow
MoveWindow
IsWindow
GetTopWindow
RegisterWindowMessageW
GetSysColor
GetSubMenu
RemoveMenu
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
GetMenuItemCount
AppendMenuW
GetSystemMetrics
LoadBitmapW
GetDesktopWindow
CopyRect
GetMenuItemInfoW
SendMessageW
LoadImageW
CheckMenuItem
DestroyIcon
EnableMenuItem
EnableWindow
CopyIcon
PostMessageW
OffsetRect
SetWindowPos

gdi32

CreateCompatibleDC
CreateFontIndirectW
CreatePen
CreateDIBSection
CreateHatchBrush
CreatePatternBrush
DeleteObject
CreateSolidBrush

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

ImageList_GetIconSize

shlwapi

PathIsDirectoryW

resutils

ResUtilVerifyService
ResUtilStartResourceService
ResUtilTerminateServiceProcessFromResDll
ResUtilVerifyResourceService
ResUtilFreeEnvironment
ResUtilGetAllProperties
ResUtilSetExpandSzValue
ResUtilGetProperties

wiashext

AddDeviceWasChosenW
DllRegisterServer
AddDeviceWasChosen
DllCanUnloadNow
MakeFullPidlForDevice
DllGetClassObject
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ACdWOr
Size: 4KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ia
Size: 3KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oKl
Size: 5KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Epe
Size: 6KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.szxy
Size: 3KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hUK
Size: 4KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uEz
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IkUHX
Size: 6KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QRZOX
Size: 3KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68fce2662a64a6152b3433b37ff64719

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

resutils

wiashext

Sections

.text Size: 15KB - Virtual size: 14KB

.ACdWOr Size: 4KB - Virtual size: 241KB

.rdata Size: 3KB - Virtual size: 42KB

.ia Size: 3KB - Virtual size: 376KB

.oKl Size: 5KB - Virtual size: 175KB

.Epe Size: 6KB - Virtual size: 65KB

.szxy Size: 3KB - Virtual size: 171KB

.hUK Size: 4KB - Virtual size: 861KB

.uEz Size: 1KB - Virtual size: 36KB

.data Size: 6KB - Virtual size: 58KB

.IkUHX Size: 6KB - Virtual size: 54KB

.QRZOX Size: 3KB - Virtual size: 403KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.ACdWOr
Size: 4KB - Virtual size: 241KB

.rdata
Size: 3KB - Virtual size: 42KB

.ia
Size: 3KB - Virtual size: 376KB

.oKl
Size: 5KB - Virtual size: 175KB

.Epe
Size: 6KB - Virtual size: 65KB

.szxy
Size: 3KB - Virtual size: 171KB

.hUK
Size: 4KB - Virtual size: 861KB

.uEz
Size: 1KB - Virtual size: 36KB

.data
Size: 6KB - Virtual size: 58KB

.IkUHX
Size: 6KB - Virtual size: 54KB

.QRZOX
Size: 3KB - Virtual size: 403KB

.rsrc
Size: 2KB - Virtual size: 1KB