5d3da06532a44cd5d4aa3da0c26fddd3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5d3da06532a44cd5d4aa3da0c26fddd3_JaffaCakes118
Size

725KB
MD5

5d3da06532a44cd5d4aa3da0c26fddd3
SHA1

23f7081d0aa309d850ec0db053a929dcf2ccfda0
SHA256

ca5e7fcef1a48904bec4f28a5e4753b7c2d128d210b9d6caf5bbe1737fee1126
SHA512

4edcec8be432c7cd5669a0e8bf03c3a0b799a6a63ce191c42d547e6255f245cf5ff35754f887bc26f14a19ef2d980ececd5f7bf2c16c3162efc5b4394d9fe5d6
SSDEEP

12288:00WqbBj+ORqtZam0JM14WGKQlWoE4P7+EzBhAZn+iMNb/WehTEOCcCNMpnTArnmT:thRRqDP0pEoE4PlLeehTEOCXcnTMnm1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d3da06532a44cd5d4aa3da0c26fddd3_JaffaCakes118

Files

5d3da06532a44cd5d4aa3da0c26fddd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ce9b6c25599e8c48e2f0d8ff0056bf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointW
GetRasterizerCaps
CreateDIBPatternBrushPt
InvertRgn
GetCharWidthW
GetPixelFormat
SetWorldTransform
GetRgnBox
SetBoundsRect
SetMetaRgn
GetViewportExtEx
CreateFontW
PolylineTo
GdiFlush
CreateRectRgnIndirect
GetTextExtentPoint32A
Escape
StretchBlt

advapi32

CryptHashSessionKey
AbortSystemShutdownW
RegEnumKeyExW
CryptReleaseContext
LookupPrivilegeValueA
ReportEventA
RegDeleteKeyA
CryptCreateHash
LogonUserA
CryptContextAddRef
AbortSystemShutdownA
CryptGetProvParam
CryptGenKey
LookupPrivilegeNameW
RegSetValueW
StartServiceW
RegQueryInfoKeyA
CryptDeriveKey
RegQueryMultipleValuesW
LookupAccountNameW
LookupAccountSidW
LookupAccountNameA
CryptGenRandom
CryptEnumProviderTypesW
LookupSecurityDescriptorPartsA

user32

FlashWindowEx
DdeNameService
SetWindowLongW
RegisterClassExA
RegisterClassA
DdeSetQualityOfService
SetMenuItemInfoA

wininet

InternetSetCookieW
InternetAttemptConnect

shell32

ShellExecuteExA
RealShellExecuteExA
SheChangeDirA
CheckEscapesW

kernel32

GetACP
GetStartupInfoA
WriteConsoleA
FreeEnvironmentStringsW
SetLastError
GetTickCount
IsDebuggerPresent
HeapCreate
GetUserDefaultLCID
SetFilePointer
lstrcpyW
GetFileTime
GetLocaleInfoA
GetEnvironmentStringsW
GetModuleFileNameA
Sleep
TlsAlloc
LCMapStringW
lstrcpyn
CreateFileA
GetModuleFileNameW
EnumCalendarInfoW
InterlockedIncrement
HeapSize
IsValidCodePage
TlsFree
LoadLibraryA
HeapReAlloc
LeaveCriticalSection
QueryPerformanceCounter
HeapFree
GetLocaleInfoW
GetProcAddress
WriteConsoleW
GetConsoleOutputCP
FindNextFileW
GetCurrentProcessId
GetStringTypeExW
VirtualQuery
GetModuleHandleA
FreeLibrary
LCMapStringA
CompareStringW
GetFileType
GetLastError
GetCommandLineA
GetSystemInfo
GetCPInfo
GetStringTypeA
GetTimeFormatA
TlsGetValue
TlsSetValue
CreateWaitableTimerA
GetCurrentThread
GetStdHandle
SetStdHandle
CompareStringA
RtlUnwind
GetDateFormatA
CreateSemaphoreW
GetCurrentProcess
GetStringTypeW
FlushFileBuffers
UnhandledExceptionFilter
SetEnvironmentVariableA
HeapDestroy
InterlockedDecrement
OpenMutexA
IsValidLocale
GetExitCodeThread
TerminateProcess
SetUnhandledExceptionFilter
WriteFile
SetFileAttributesA
GetConsoleMode
InitializeCriticalSection
SetHandleCount
InterlockedExchange
VirtualLock
GetTimeZoneInformation
GetOEMCP
FreeEnvironmentStringsA
GetVersionExA
GetStartupInfoW
VirtualFree
DeleteCriticalSection
SetComputerNameA
GetCurrentThreadId
GetProcessHeap
EnterCriticalSection
CreateMutexA
WideCharToMultiByte
EnumSystemLocalesA
GetConsoleCP
UnmapViewOfFile
VirtualAlloc
ExitProcess
ReadFile
HeapAlloc
SetConsoleCtrlHandler
ReleaseMutex
GetCommandLineW
CloseHandle
GetConsoleTitleA
GetEnvironmentStrings
MultiByteToWideChar
GetSystemTimeAsFileTime

comctl32

InitCommonControlsEx

Sections

.text
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ce9b6c25599e8c48e2f0d8ff0056bf5

Headers

File Characteristics

Imports

gdi32

advapi32

user32

wininet

shell32

kernel32

comctl32

Sections

.text Size: 556KB - Virtual size: 556KB

.rdata Size: 33KB - Virtual size: 39KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 19KB - Virtual size: 19KB

.text
Size: 556KB - Virtual size: 556KB

.rdata
Size: 33KB - Virtual size: 39KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 19KB - Virtual size: 19KB