5d241b055f7137728df6912317976a53_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5d241b055f7137728df6912317976a53_JaffaCakes118
Size

164KB
MD5

5d241b055f7137728df6912317976a53
SHA1

78d5cb0bf161b2466e24838034aeca38b985f1b4
SHA256

58dcf6c906ba1a10631cae8224ddef57f40bb0b6be2c42520697beeb4a1be497
SHA512

0d7f926ba5ec1d893ad3242742f4f305fd257154a4cd725773383cf58051005a3910daab421cf34e3eebdea7b452ef94f0617dded80a181cdd22054058a3a476
SSDEEP

3072:4fSCDywW2OJpFALQZ8neOwv6IfVMLrLsgo9xQdvKK4OH:4fljLOJpSwGANML3CDQlKXO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d241b055f7137728df6912317976a53_JaffaCakes118

Files

5d241b055f7137728df6912317976a53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fbc71fa860d3cf3eaaabe49511a6759

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

TextOutW
CreateBitmap
SetBkColor
GetDeviceCaps
PtVisible
RestoreDC
SelectObject
SetViewportOrgEx
ScaleWindowExtEx
Escape
SetWindowExtEx
SetMapMode
ExtTextOutW
RectVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SaveDC
DeleteDC
SetTextColor
GetClipBox
DeleteObject
GetStockObject

shlwapi

PathFileExistsW
PathAppendW
PathFindFileNameW
PathFindExtensionW

user32

LoadCursorW
LoadBitmapW
GetSystemMetrics
GetWindowTextW
GetLastActivePopup
ReleaseDC
IsWindowEnabled
MessageBoxW
ModifyMenuW
EnableWindow
GetParent
GetSysColor
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
GetDC
GetWindowLongW
GetSysColorBrush

shell32

SHGetSpecialFolderPathW

kernel32

GetCommandLineA
HeapCreate
GetShortPathNameA
GetStdHandle
GetSystemTimeAsFileTime
VirtualFree
GetCurrentProcessId
IsBadWritePtr
GetOEMCP
LCMapStringW
QueryPerformanceCounter
GetProcessAffinityMask
SetHandleCount
GetCurrentProcess
GetSystemInfo
GetStartupInfoA
HeapFree
GetTickCount
GetModuleFileNameA
GetCPInfo
GetEnvironmentStrings
GetStringTypeA
SetFilePointer
SetUnhandledExceptionFilter
VirtualAlloc
EnumResourceTypesW
GetStringTypeW
WriteFile
LCMapStringA
GetEnvironmentStringsW
IsBadReadPtr
SetStdHandle
HeapAlloc
VirtualQuery
GetFileAttributesA
HeapReAlloc
RtlUnwind
FreeEnvironmentStringsW
HeapSize
FlushFileBuffers
IsBadCodePtr
TerminateProcess
VirtualProtect
HeapDestroy
UnhandledExceptionFilter
GetFileType
ExitProcess

ole32

CoCreateInstance
CoUninitialize
CoInitialize

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fbc71fa860d3cf3eaaabe49511a6759

Headers

File Characteristics

Imports

gdi32

shlwapi

user32

shell32

kernel32

ole32

winspool.drv

advapi32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 64KB - Virtual size: 63KB

.tls Size: 1024B - Virtual size: 104KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 64KB - Virtual size: 63KB

.tls
Size: 1024B - Virtual size: 104KB