5ca8757112b41c3c2d2cccd9cea1d095_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ca8757112b41c3c2d2cccd9cea1d095_JaffaCakes118
Size

164KB
MD5

5ca8757112b41c3c2d2cccd9cea1d095
SHA1

19d1c788f49f14d7f394844ee0a7a3f4db2c3eeb
SHA256

9a16eb619e0539f8e75e0797441d9e08fdfcc5292665ddd9a897c774073bf474
SHA512

a90690b97bb95d84efe0837f5342e6d2d48adbf095412aca0dc5a05abe2360dc9a48b0bf3a7fc2bfbbdf80493303409dcbd6ac8dc33b73a8184a36614bff2536
SSDEEP

3072:VGHntkXZf0O6fEND8Mwdb+HA6nS3MIqmhrkEd/IENeASR:FXyZsNIMg92qdAEch

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ca8757112b41c3c2d2cccd9cea1d095_JaffaCakes118

Files

5ca8757112b41c3c2d2cccd9cea1d095_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd8bdba01d697c13eb391e988f528fbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InterlockedCompareExchange
VirtualProtect
LocalFileTimeToFileTime
GetEnvironmentStringsW
RaiseException
CreateProcessA
FreeEnvironmentStringsA
lstrcpynA
GlobalFree
lstrlenA
GetModuleHandleA
GetStartupInfoA

msvcrt

log
__p__fmode
_cexit
_getpid
exit
_filelengthi64
__set_app_type
__p__commode
_except_handler3
_CIsqrt
__setusermatherr
__getmainargs
_initterm
_acmdln
__p___initenv
_XcptFilter
_adjust_fdiv

user32

MapWindowPoints
EnableMenuItem
RemovePropA
CreatePopupMenu
DeleteMenu
GetCursorPos
BeginPaint

ole32

CoRevokeClassObject
StgOpenStorage
PropVariantClear
ProgIDFromCLSID
OleSetClipboard
CreateStreamOnHGlobal
CLSIDFromProgID
OleDraw

oleaut32

SysAllocStringByteLen
VariantClear
SysStringLen
LoadTypeLib
VariantCopy
SysAllocStringLen
SafeArrayPtrOfIndex
VariantInit

gdi32

BitBlt
PlayEnhMetaFile
TextOutW
SetDIBitsToDevice
SetPolyFillMode
RemoveFontResourceA
StretchDIBits
SetMetaFileBitsEx

shell32

DragQueryFile
SHGetFolderPathW
CommandLineToArgvW
SHCreateDirectoryExW
SHGetSpecialFolderPathA
SHGetMalloc
FindExecutableW
SHCreateDirectoryExA
DragFinish
SHGetFileInfoA
Shell_NotifyIconW

comctl32

ImageList_EndDrag
ImageList_SetImageCount
ImageList_DrawEx
ImageList_Replace
ImageList_DragShowNolock
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_Remove
ImageList_Create

advapi32

RegDeleteValueA
AddAccessAllowedAce
RevertToSelf
RegDeleteValueW
RegQueryValueA
InitializeSecurityDescriptor
RegDeleteKeyW
CryptDestroyHash

version

VerInstallFileW
VerInstallFileA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
VerFindFileW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bd8bdba01d697c13eb391e988f528fbb

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

oleaut32

gdi32

shell32

comctl32

advapi32

version

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 49KB - Virtual size: 120KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 49KB - Virtual size: 120KB