5cfa680531dc756b1fc705fd439f55da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cfa680531dc756b1fc705fd439f55da_JaffaCakes118
Size

125KB
MD5

5cfa680531dc756b1fc705fd439f55da
SHA1

d6a4334a15681fa63a7ee6474b4784c8a2c1bcae
SHA256

488e4bd9f6c7e5d159cdce07d205208f4f95a39f33d1a9564f2b9fb7d4ef3512
SHA512

ae00ab692dfb9710f39b3ebe33fdc917c0ffef6130f92cc69c7269a6435b004c7768d7175f9212363aad730d68c3d6d0dba0df0015d774af80fd52c3893633a8
SSDEEP

3072:ILlIukbttAOQuIbzh3kHq03sDO//ZwQ50TNHlZXm1O:SuF0SWkH3sS/XurZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cfa680531dc756b1fc705fd439f55da_JaffaCakes118

Files

5cfa680531dc756b1fc705fd439f55da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e17254c56b2a5c89345dc75170bde2f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
ChooseColorA
GetOpenFileNameA

gdi32

CopyEnhMetaFileA
CreateCompatibleBitmap
SaveDC
CreateBrushIndirect
GetPaletteEntries
LineTo
GetCurrentPositionEx
CreatePenIndirect

version

VerFindFileA

shell32

SHGetSpecialFolderLocation

user32

SetMenuItemInfoA
SetWindowLongW
SetCursor
SetFocus
SetScrollRange
SetWindowPlacement
SetClipboardData
SetScrollInfo
SystemParametersInfoA
UnregisterClassA
SetPropA
TrackPopupMenu
TranslateMDISysAccel
ShowWindow
SetWindowTextA
UnhookWindowsHookEx
SetScrollPos
SetCapture
ShowOwnedPopups
SetClassLongA
SetTimer
SetParent
SetMenu
SetWindowsHookExA
ShowScrollBar
TranslateMessage
SetForegroundWindow
SetRect
SetWindowPos
SetWindowLongA

kernel32

GetLastError
VirtualQuery
CompareStringA
CreateEventA
WriteFile
lstrcmpA
GetCommandLineA
GetCPInfo
FreeResource
SetEvent
GetStartupInfoA
GetVersionExA
GetModuleHandleA
VirtualAlloc
MoveFileExA
GetOEMCP
SizeofResource
GetFileType
GetProcAddress
LoadLibraryA
GlobalAddAtomA
GetACP
GetDateFormatA
IsBadReadPtr
MoveFileA
FreeLibrary
GetModuleHandleW
GetTickCount
GetStdHandle
GetCurrentThread
ExitThread
LockResource
GetFileSize
GetDiskFreeSpaceA
LocalAlloc
GetFullPathNameA
SetFilePointer
LoadResource
SetLastError
GetModuleFileNameA
GetThreadLocale
GetCurrentProcess
EnumCalendarInfoA
CloseHandle
GlobalAlloc
WaitForSingleObject
FindResourceA
ResetEvent
CreateFileA
HeapAlloc
GetProcessHeap
LoadLibraryExA
HeapFree
ReadFile
GetEnvironmentStrings
ExitProcess
GetVersion
VirtualAllocEx
lstrlenA
GlobalFindAtomA
IsBadHugeReadPtr
GetUserDefaultLCID

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e17254c56b2a5c89345dc75170bde2f9

Headers

File Characteristics

Imports

comdlg32

gdi32

version

shell32

user32

kernel32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 8KB

.fdata Size: 1KB - Virtual size: 1KB

.ddata Size: 64KB - Virtual size: 63KB

.gdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 884B

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 8KB

.fdata
Size: 1KB - Virtual size: 1KB

.ddata
Size: 64KB - Virtual size: 63KB

.gdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 884B