5ce905c0bff3bfd758b5ca7933e946c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ce905c0bff3bfd758b5ca7933e946c8_JaffaCakes118
Size

427KB
MD5

5ce905c0bff3bfd758b5ca7933e946c8
SHA1

9101d95289bd3b6333dbe9016ae9d0f16850b65d
SHA256

24d6c5db518fa28e3fb2a9b803c78f2c647f53d3563d007f6daa2e2dc6e16a74
SHA512

d49c22bd28217997251d6612b1ff0c08b0027c5b3f5b61171681cb1cdf093414d47e55a7ee19293670318dabfd89e0a422d7464e3f631f27a8e572b351dbd000
SSDEEP

12288:zG2HufhIaWMiT1XTXPrVfP0Rb7htWBossd9KBTjX7WCLtI3:C2yA1X+bHWBosE9kiCq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ce905c0bff3bfd758b5ca7933e946c8_JaffaCakes118

Files

5ce905c0bff3bfd758b5ca7933e946c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

583362e8052e41872124713452102703

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDiskFreeSpaceA
SHGetPathFromIDList
SHFileOperationW
ExtractIconExW

kernel32

GetOEMCP
GetLocaleInfoW
GetStringTypeA
GetSystemInfo
FreeEnvironmentStringsW
TerminateProcess
TlsFree
GetStartupInfoA
FreeEnvironmentStringsA
TlsAlloc
IsValidCodePage
CreateWaitableTimerW
GetCurrentProcessId
ReadFile
GetCommandLineA
VirtualProtect
MultiByteToWideChar
FillConsoleOutputCharacterW
GetTimeZoneInformation
HeapReAlloc
ResumeThread
IsValidLocale
DeleteCriticalSection
IsBadWritePtr
FreeLibrary
GetEnvironmentStrings
HeapCreate
GetDateFormatA
VirtualFree
LeaveCriticalSection
HeapSize
RtlUnwind
GetACP
GlobalReAlloc
UnhandledExceptionFilter
GetCurrentThread
SetHandleCount
TlsSetValue
LCMapStringA
GetSystemDefaultLCID
HeapFree
WriteConsoleOutputCharacterW
QueryPerformanceCounter
GetLastError
ExitProcess
VirtualQuery
CompareStringA
GlobalFlags
GetStdHandle
GetModuleHandleA
Sleep
GetTickCount
EnumSystemLocalesA
GetLocaleInfoA
InterlockedExchange
EnterCriticalSection
EnumCalendarInfoW
GetTimeFormatA
GetStringTypeW
GetVersionExA
GetCurrentProcess
TlsGetValue
LoadLibraryA
GetCurrentThreadId
lstrcmpi
HeapDestroy
GetEnvironmentStringsW
GetProcAddress
WideCharToMultiByte
FileTimeToSystemTime
WriteFile
SetEnvironmentVariableA
InitializeCriticalSection
SetLastError
WriteFileEx
GetModuleFileNameA
HeapAlloc
GetSystemDefaultLangID
GetCPInfo
GetFileType
VirtualAlloc
EnumResourceTypesW
CompareStringW
LCMapStringW
GetFileAttributesExW
GetSystemTimeAsFileTime
GetUserDefaultLCID

wininet

FtpFindFirstFileA

user32

CreateIconFromResourceEx
MsgWaitForMultipleObjectsEx
OpenDesktopW
SetKeyboardState
IsCharAlphaNumericA
CreateIconFromResource
UnionRect
GetShellWindow
EnableWindow
CheckMenuItem
LoadStringA
DlgDirSelectExW
SetWindowLongW
AttachThreadInput
EnumThreadWindows
ShowScrollBar
GetClientRect

advapi32

LookupAccountNameA
CryptSetHashParam
RegConnectRegistryW
CryptReleaseContext
RegDeleteKeyW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

583362e8052e41872124713452102703

Headers

File Characteristics

Imports

shell32

kernel32

wininet

user32

advapi32

Sections

.text Size: 137KB - Virtual size: 136KB

.rdata Size: 7KB - Virtual size: 25KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 137KB - Virtual size: 136KB

.rdata
Size: 7KB - Virtual size: 25KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 2KB - Virtual size: 2KB