5d4f439415cab21a06678383a3a4fe1c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d4f439415cab21a06678383a3a4fe1c_JaffaCakes118
Size

608KB
MD5

5d4f439415cab21a06678383a3a4fe1c
SHA1

2b16518dbedb7888a1f27964ee8d4374cd447187
SHA256

c7526e8e1faa1ce8e683f365a6e4e260c16212a14cb3eaa5a6f5bace7353a565
SHA512

e29f16c7888eeef90348990edc71ecd6b73bf701c295ecde1fd97da082286a2569c070d0a0e5d1f95d0b58120ca9e06ac36540050c2c56ee0266b0fccf1e2e73
SSDEEP

12288:nmu4QlohrVh+dLZOEBJ4957PTWvM/gjaCFwU13JehN4Pbfo:mu4QlodVhIOEYr7PTWvCnUkC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d4f439415cab21a06678383a3a4fe1c_JaffaCakes118

Files

5d4f439415cab21a06678383a3a4fe1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccdd01f0a8248645d21e240951358877

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Write
ImageList_Create
InitCommonControlsEx
ImageList_Add
ImageList_GetImageInfo

kernel32

GetUserDefaultLCID
HeapValidate
HeapDestroy
SetConsoleCtrlHandler
GetCurrentProcessId
GetOEMCP
UnhandledExceptionFilter
EnumSystemLocalesA
InitializeCriticalSection
LCMapStringA
GetTimeFormatA
FlushViewOfFile
GetStringTypeA
TerminateProcess
IsBadWritePtr
GetFileType
DeleteCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
VirtualQuery
FreeEnvironmentStringsA
GetVersionExA
ReadFile
GetCPInfo
OpenMutexA
GetModuleFileNameW
PulseEvent
GetStringTypeW
VirtualProtect
FlushFileBuffers
HeapFree
FindNextFileW
CompareStringW
GetProcAddress
WideCharToMultiByte
RtlUnwind
CompareStringA
GetLocaleInfoA
GetStartupInfoW
LCMapStringW
GetEnvironmentStrings
GetStdHandle
GetTickCount
SetEnvironmentVariableA
LoadLibraryA
LeaveCriticalSection
GetTimeZoneInformation
GetACP
GetCurrentProcess
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
GetStartupInfoA
SetFilePointer
WriteFile
TlsSetValue
TlsAlloc
GetLocaleInfoW
TlsGetValue
HeapReAlloc
GetLastError
MultiByteToWideChar
InterlockedIncrement
SetHandleCount
EnterCriticalSection
GetCurrentThread
CloseHandle
GetModuleFileNameA
DebugBreak
TlsFree
IsValidLocale
GetModuleHandleA
IsBadReadPtr
GetDateFormatA
VirtualFree
IsValidCodePage
CreateMutexA
ExitProcess
InterlockedDecrement
GetSystemInfo
HeapAlloc
SetLastError
InterlockedExchange
HeapCreate
FreeEnvironmentStringsW
VirtualAlloc
SetStdHandle
EnumTimeFormatsW
OutputDebugStringA
GetSystemTimeAsFileTime

advapi32

RegCreateKeyW
CryptSetKeyParam
CryptReleaseContext
RegSetKeySecurity
CryptSignHashA
CryptGenKey
CryptDestroyHash
LogonUserA
RegRestoreKeyW
RegConnectRegistryW
RegSaveKeyW
LookupSecurityDescriptorPartsA
CryptDecrypt

shell32

ExtractAssociatedIconA
DragQueryFileAorW
SHFileOperationW

wininet

FindFirstUrlCacheContainerA
GopherCreateLocatorW

user32

CountClipboardFormats
RegisterClassExA
EnumPropsA
PostMessageA
CreateWindowExA
CreateIconFromResource
GetKBCodePage
PeekMessageW
GetMenuDefaultItem
SetWindowPos
EndDeferWindowPos
BlockInput
CreateMDIWindowA
GetClipboardData
EnumChildWindows
CallMsgFilterW
CharUpperBuffA
DdeAbandonTransaction
GetNextDlgTabItem
GetPropA
DestroyWindow
MessageBoxW
DefWindowProcA
IsCharUpperA
WINNLSEnableIME
RegisterClassA
SetCaretPos
ActivateKeyboardLayout
DdeUninitialize
SetDoubleClickTime
CreateIconIndirect
CharToOemBuffW
SetPropA
LoadMenuA
DrawIcon
ToAscii
HideCaret
GetParent
GetMenuStringA
OpenDesktopW
SetWindowsHookExA
CreateAcceleratorTableW
GetWindowInfo
CascadeChildWindows
GetSysColor
ShowWindow
CallMsgFilterA
IsZoomed
GetClassLongW
SetWindowTextA
OpenDesktopA
UnhookWindowsHook
GetKeyState
GetKeyboardState

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccdd01f0a8248645d21e240951358877

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

shell32

wininet

user32

Sections

.text Size: 208KB - Virtual size: 205KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 120KB - Virtual size: 137KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 208KB - Virtual size: 205KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 120KB - Virtual size: 137KB

.rsrc
Size: 16KB - Virtual size: 12KB