5ce73f3d497aeb859253142850ff3729_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ce73f3d497aeb859253142850ff3729_JaffaCakes118
Size

395KB
MD5

5ce73f3d497aeb859253142850ff3729
SHA1

13eb37f8c9df6bbc42fadd0356d760d6d5fbed4a
SHA256

d4d1a3c3ec5de1cdda1b74b0d3cce1c8dcbcd50e5ea6cfecc78d0c4a5e2b51b9
SHA512

06cf98c812c635bb1fd4702cfafb1b1b7db9cb2454ec6af849d4b0f98258da550a60072f964b0f059c925918241d7df272624ff30aa4ece08f5d4e0df8d19bdb
SSDEEP

6144:Rbo1OF94bn5n3OOokUn7lntct8aR7JGOUYMdU+dTg6AhrS:Rt94L5n3sBijGO4U+K6AZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce73f3d497aeb859253142850ff3729_JaffaCakes118

Files

5ce73f3d497aeb859253142850ff3729_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d022c23dd9c7c842210afa6acf5b0606

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetOverlayImage
CreateStatusWindowW
InitCommonControlsEx
ImageList_Destroy
ImageList_LoadImageA
ImageList_Remove
ImageList_GetImageCount
_TrackMouseEvent
InitMUILanguage
ImageList_SetDragCursorImage
ImageList_BeginDrag

user32

CreateWindowExA
ShowWindow
DestroyWindow
RegisterClassExA
DefWindowProcW
MessageBoxW
ScreenToClient
RegisterClassA
WinHelpW

gdi32

ChoosePixelFormat
PlayEnhMetaFile
InvertRgn
CreateEnhMetaFileW
GetObjectW
TextOutW
GetCharWidth32W

shell32

ExtractAssociatedIconExW
SHGetInstanceExplorer
ShellExecuteW
SHGetFileInfoA
SHGetSpecialFolderPathW

kernel32

Sleep
GetEnvironmentStrings
EnterCriticalSection
IsValidCodePage
FreeEnvironmentStringsW
SetLocalTime
FreeLibrary
GetOEMCP
SetStdHandle
GetConsoleOutputCP
GetCPInfo
LCMapStringA
InterlockedExchange
GetACP
CompareStringW
TerminateProcess
WriteConsoleW
SetUnhandledExceptionFilter
SetFilePointer
GetCurrentProcessId
GetLastError
QueryPerformanceCounter
RtlUnwind
GetProcessHeap
WriteFile
LoadLibraryA
GetCommandLineW
InterlockedIncrement
WideCharToMultiByte
VirtualAlloc
WriteConsoleA
GetModuleHandleA
TlsFree
GetDateFormatA
GetStartupInfoA
HeapCreate
CreateFileA
FreeEnvironmentStringsA
EnumSystemLocalesA
GetTimeZoneInformation
IsValidLocale
GetTimeFormatA
InitializeCriticalSection
IsDebuggerPresent
GetStringTypeW
GetCommandLineA
LeaveCriticalSection
CloseHandle
SetEnvironmentVariableA
GetFileType
ReadFile
HeapFree
TlsAlloc
GetTickCount
SetHandleCount
GetCurrentProcess
HeapSize
DeleteCriticalSection
HeapDestroy
GetEnvironmentStringsW
SetConsoleCtrlHandler
GetModuleFileNameW
TlsGetValue
MultiByteToWideChar
GetStringTypeA
GetCurrentThread
CompareStringA
GetStdHandle
GetProcAddress
InterlockedDecrement
TlsSetValue
LCMapStringW
GetUserDefaultLCID
GetSystemTimeAsFileTime
OpenMutexA
GetLocaleInfoA
UnhandledExceptionFilter
ExitProcess
FlushFileBuffers
GetConsoleCP
GetModuleFileNameA
SetLastError
VirtualQuery
GetLocaleInfoW
GetConsoleMode
VirtualFree
GetCurrentThreadId
CreateMutexA
HeapReAlloc
GetVersionExA
HeapAlloc
GetStartupInfoW

Sections

.text
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d022c23dd9c7c842210afa6acf5b0606

Headers

File Characteristics

Imports

comctl32

user32

gdi32

shell32

kernel32

Sections

.text Size: 210KB - Virtual size: 209KB

.rdata Size: 19KB - Virtual size: 44KB

.data Size: 89KB - Virtual size: 89KB

.rsrc Size: 75KB - Virtual size: 75KB

.text
Size: 210KB - Virtual size: 209KB

.rdata
Size: 19KB - Virtual size: 44KB

.data
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 75KB - Virtual size: 75KB