5ca70fe16dfcd6c6fc5b2b3ef455ff40_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ca70fe16dfcd6c6fc5b2b3ef455ff40_JaffaCakes118
Size

296KB
MD5

5ca70fe16dfcd6c6fc5b2b3ef455ff40
SHA1

afbbddd9795d92c37465307cef51c3986d737bf0
SHA256

2cf270a036860cd8045d811f9455ddbc0535dcba789f15ed796fd183c2bf2bc0
SHA512

f5265d6af5d26197502f49ee0a91bb75fb529566e6e92cf6afc7ac1b984a1c0483c74ac5e4e74fe5143a15c24f8f88ba4cb5556271ca01bc564278e12ecf02a2
SSDEEP

6144:fYeDpIrwU7LqyYb0/So+rh/6aI5VMa4LSkZKYS+g3SPR9J1fi4:C0mLqyYILEhCL5VIr8sgCPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ca70fe16dfcd6c6fc5b2b3ef455ff40_JaffaCakes118

Files

5ca70fe16dfcd6c6fc5b2b3ef455ff40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ddaa047e7ad15b18a671c34ed28ee23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
HeapDestroy
FindFirstFileExW
DeleteFileA
GetOEMCP
ReadConsoleOutputCharacterW
HeapAlloc
LoadLibraryA
SetFileTime
WideCharToMultiByte
GetStringTypeW
IsValidCodePage
MoveFileA
SetThreadContext
InterlockedExchange
TlsSetValue
SetLastError
GetStringTypeA
GetVersion
CreateRemoteThread
GetCPInfo
FreeEnvironmentStringsW
HeapCreate
GetACP
SetComputerNameW
LCMapStringA
GetEnvironmentStringsW
GetStdHandle
GetProcAddress
CreateDirectoryA
GetStartupInfoA
HeapFree
WaitForSingleObjectEx
FreeEnvironmentStringsA
WriteConsoleW
LCMapStringW
VirtualQuery
VirtualFree
LeaveCriticalSection
WriteFile
SetWaitableTimer
MultiByteToWideChar
SetUnhandledExceptionFilter
GetLastError
HeapReAlloc
UnhandledExceptionFilter
ExitProcess
SetFilePointer
ConnectNamedPipe
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
TlsFree
GetModuleHandleA
GetCurrentThread
SetHandleCount
TlsAlloc
GetCurrentThreadId
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
TlsGetValue
DeleteCriticalSection
SetConsoleCtrlHandler
GetTickCount
IsBadWritePtr
GetFileType
GetCommandLineA
GetSystemTimeAsFileTime

comdlg32

PageSetupDlgW
PrintDlgA
GetOpenFileNameA
ChooseFontA
GetFileTitleA
GetFileTitleW
GetSaveFileNameW

gdi32

InvertRgn
GdiPlayDCScript
UpdateICMRegKeyA
CloseMetaFile
UpdateColors
GetStretchBltMode
GdiSetBatchLimit
GetTextMetricsW
PtVisible
DeleteColorSpace
CreateDCA
PlayMetaFileRecord
CreateRectRgnIndirect
GetOutlineTextMetricsW
GetPaletteEntries
SetBkColor
PolyBezierTo
PolyBezier
CreateMetaFileA
SetWindowOrgEx
CopyMetaFileW

advapi32

LookupPrivilegeNameA
RegOpenKeyExW
CryptGetHashParam
LookupPrivilegeDisplayNameA
RegOpenKeyA
RegQueryValueExW
CryptEnumProvidersW
RegCloseKey
AbortSystemShutdownA
RegQueryInfoKeyW
CreateServiceW
GetUserNameA

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 167KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ddaa047e7ad15b18a671c34ed28ee23

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

advapi32

Sections

.text Size: 127KB - Virtual size: 126KB

.data Size: 167KB - Virtual size: 193KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 127KB - Virtual size: 126KB

.data
Size: 167KB - Virtual size: 193KB

.rsrc
Size: 1KB - Virtual size: 1KB