5d5378c8dc5c25cbe3cdd725331f0211_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d5378c8dc5c25cbe3cdd725331f0211_JaffaCakes118
Size

541KB
MD5

5d5378c8dc5c25cbe3cdd725331f0211
SHA1

eb1bcdad35180f1a52a70e6aedaa5a2ea21ae9eb
SHA256

2a40c2520122ebe1565f4fd03ece8725929c51cc74bce46791b70c59246d5ce4
SHA512

7fce4c502fc451399a6a78436ed5b00e985c4aacab1badf8c7ea4934b0383410c9f89203579e17ae51e797f35696c5d9f4b2804e85434ac0832e2b63e14c3624
SSDEEP

12288:Asx5Cou6uCR5x6Kvx/QBjnYSmLEw1ZNC:bDU6uCbx6AxMri5ZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d5378c8dc5c25cbe3cdd725331f0211_JaffaCakes118

Files

5d5378c8dc5c25cbe3cdd725331f0211_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb6f258ca3c8976f5e2e4293e62196f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_DragMove
InitCommonControlsEx
ImageList_BeginDrag
ImageList_Replace
ImageList_LoadImageW
ImageList_Duplicate
DrawInsert
ImageList_SetFilter
ImageList_AddIcon
CreateUpDownControl
ImageList_EndDrag

user32

PackDDElParam
ShowScrollBar
SetForegroundWindow
MessageBoxW
SetClassLongW
SetClipboardData
GetWindowWord
InSendMessage
DefDlgProcA
DrawTextExW
SetDeskWallpaper
DefMDIChildProcA
ScrollDC
GetKBCodePage
GetCapture
GetMessageExtraInfo
RealChildWindowFromPoint
ClipCursor
RegisterClassExA
SetWindowLongA
MessageBoxA
DefWindowProcA
DestroyWindow
RegisterWindowMessageW
ShowWindow
GetCaretBlinkTime
IsCharAlphaA
CascadeWindows
CheckRadioButton
SetClassWord
CreatePopupMenu
CreateWindowExW
EnumDisplayDevicesA
GetActiveWindow
DdeReconnect
EndTask
SetMenuDefaultItem
CreateDesktopW
SetRect
DlgDirListComboBoxW
LoadImageA
VkKeyScanW
GetMonitorInfoA
WINNLSGetEnableStatus
RegisterClassA
PaintDesktop
DrawFocusRect
TrackMouseEvent
IsDialogMessageW

comdlg32

GetOpenFileNameW
PageSetupDlgW
GetFileTitleA
ChooseColorW

shell32

InternalExtractIconListW
ExtractIconW

gdi32

SetTextCharacterExtra
CreateDCA
GetTextCharset
PlayMetaFileRecord
GetSystemPaletteEntries
TranslateCharsetInfo
PlayEnhMetaFile
GetKerningPairsW
GetEnhMetaFileA
EnumFontFamiliesA
SetStretchBltMode
SetWindowOrgEx
EnumICMProfilesA
SelectClipRgn
DeleteDC
GetObjectW
RectVisible
ResizePalette
GetCharWidthW
EnumMetaFile
GetDeviceCaps
SelectObject
DeleteObject
GetColorAdjustment

wininet

GetUrlCacheEntryInfoW
GopherGetAttributeA
InternetGetCookieW
InternetWriteFileExA
InternetShowSecurityInfoByURL
InternetHangUp

kernel32

InitializeCriticalSection
GetStringTypeW
LockFile
GetSystemTimeAsFileTime
GetModuleHandleA
GlobalUnfix
FormatMessageA
OpenMutexA
IsValidCodePage
SetConsoleWindowInfo
LCMapStringW
WritePrivateProfileStructW
CreateSemaphoreW
GetEnvironmentStringsW
SetConsoleActiveScreenBuffer
CompareStringW
GetNamedPipeHandleStateW
ReadFile
GetOEMCP
ExitProcess
LoadLibraryA
GetEnvironmentStrings
CompareStringA
MoveFileW
HeapDestroy
MultiByteToWideChar
WriteFileEx
SetSystemTime
FreeEnvironmentStringsW
GetCurrentProcessId
GetStartupInfoA
InterlockedExchange
GetLocaleInfoA
VirtualFree
CloseHandle
HeapCreate
GetCommandLineW
GetCurrentThread
VirtualAlloc
HeapSize
IsBadWritePtr
WriteFile
EnumSystemLocalesA
LeaveCriticalSection
TlsSetValue
GetCurrentProcess
GetDateFormatA
GetStdHandle
UnhandledExceptionFilter
TlsGetValue
TlsFree
HeapAlloc
GetSystemTimeAdjustment
SetFilePointer
SetHandleCount
GetLocaleInfoW
GetFileTime
GetTimeZoneInformation
GetTimeFormatA
GetACP
LCMapStringA
TlsAlloc
SetConsoleCtrlHandler
WideCharToMultiByte
CreateFileMappingW
SetConsoleTitleW
GetModuleFileNameW
GetThreadPriority
GetTickCount
EnterCriticalSection
GetFileType
GetProcessAffinityMask
GetModuleFileNameA
GetProcAddress
SetLastError
RtlZeroMemory
CreateEventA
WaitNamedPipeA
GetComputerNameA
CreateProcessA
TerminateProcess
DeleteFileW
EnumDateFormatsA
RtlUnwind
GetDriveTypeA
HeapFree
GetUserDefaultLangID
EnumResourceNamesA
GetCPInfo
GetStartupInfoW
GetSystemInfo
GetLastError
FreeEnvironmentStringsA
CreateMutexA
SetStdHandle
VirtualUnlock
QueryPerformanceCounter
VirtualProtect
EnumResourceNamesW
CreateNamedPipeA
DeleteCriticalSection
GetCommandLineA
FlushFileBuffers
GetUserDefaultLCID
GetVersionExA
GetCurrentThreadId
IsValidLocale
GetStringTypeA
SetEnvironmentVariableA
VirtualQuery
EnumSystemCodePagesA
HeapReAlloc

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb6f258ca3c8976f5e2e4293e62196f0

Headers

File Characteristics

Imports

comctl32

user32

comdlg32

shell32

gdi32

wininet

kernel32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 111KB - Virtual size: 126KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 111KB - Virtual size: 126KB

.rsrc
Size: 34KB - Virtual size: 33KB