5d2db5f8ed7d7504ce5b55fee75990a7_JaffaCakes118

General

Target

5d2db5f8ed7d7504ce5b55fee75990a7_JaffaCakes118
Size

172KB
MD5

5d2db5f8ed7d7504ce5b55fee75990a7
SHA1

305139896992ce2a6a1b409bed0284c75c381811
SHA256

c2d824f4d8a0a2c2f6a5e8fcd99e0edff596d061a6a334bc3f917eff9cab04c6
SHA512

1865248b67709e40d37f76bdc023bf08de7bdca1c62a3cf5e457b259a8ac2b341c8b064383dadb35a7ddb38b19d9d4237a2dcc2b46edd3cac3c60052f87364e3
SSDEEP

3072:SpzAd9jMYUhFYVjnZTl/bxWS0AJMJDXdQVz2rAHMl6kUURbaqfaiBFk3xvfb4H9v:GzFYU6hlTbMJpQArwPUR+qfaiBuKv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d2db5f8ed7d7504ce5b55fee75990a7_JaffaCakes118

Files

5d2db5f8ed7d7504ce5b55fee75990a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

021e5f6f791df7337f72c40dc7da7d9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Lop\Olodo\Lejux\Wefuke\Ihunyc.pdb

Imports

kernel32

QueryPerformanceCounter
CreateFileW
GetWindowsDirectoryW
GetSystemTime
OpenProcess
GetVersionExW
GetDateFormatW
SizeofResource
GetModuleHandleW
InitializeCriticalSection
EnterCriticalSection
SetTapePosition
GetModuleFileNameW
GetCurrentThreadId
GetTickCount
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
WideCharToMultiByte
GetSystemTimeAsFileTime
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoW
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
HeapSize
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetLocaleInfoA
GetCurrentProcessId

user32

LoadBitmapW
CheckDlgButton
SendMessageW
SetWindowTextW
GetIconInfo
IsDialogMessageW

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

021e5f6f791df7337f72c40dc7da7d9b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 4KB - Virtual size: 504KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 4KB - Virtual size: 504KB

.rsrc
Size: 56KB - Virtual size: 52KB