5d435baa19b43899333a6908e3a2e70d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d435baa19b43899333a6908e3a2e70d_JaffaCakes118
Size

113KB
MD5

5d435baa19b43899333a6908e3a2e70d
SHA1

28853e4e0ae58e49e9aa9aec4c92654204d152c9
SHA256

55b8bdcf5a667467d8250e06d5faeeefb6495ea9ebb6d7235b9ba51ac4a4a740
SHA512

7f632f04809cfcc2e767e1e7d470b52481602d91aaad6c8cc1af1154e9fd2c4e1f5d5b47ead242eddd1ac66c5e4ce0685f91b687d181718cc2a7e0040920a16e
SSDEEP

3072:4A0lICJLvMEjbWG8dyRvGuolTV4QuMDF:4nhrv9aGXolV4Xy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d435baa19b43899333a6908e3a2e70d_JaffaCakes118

Files

5d435baa19b43899333a6908e3a2e70d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

488b7cacb95ffc79f2d1a7de87e86081

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpyA
GlobalUnlock
lstrcmpA
GlobalReAlloc
SetThreadPriority
GetDriveTypeA
GetLogicalDrives
GetStartupInfoA
WritePrivateProfileStringA
GetPrivateProfileStringA
Sleep
WaitForSingleObject
CloseHandle
GetModuleFileNameA
LoadResource
GetTickCount
GlobalAlloc
GetLastError
ReleaseSemaphore
GetFullPathNameA
FindNextFileA
CreateFileA
SetFilePointer
WriteFile
SetEndOfFile
FreeLibrary
LeaveCriticalSection
lstrcmpiA
DeleteFileA
GetCurrentDirectoryA

user32

LoadCursorA
GetUpdateRect
BeginPaint
GetCursorPos
FindWindowA
SetWindowLongA
SetParent
GetWindowDC
DestroyWindow
CreateDialogParamA
GetDlgItem
GetWindowRect
SetWindowPos
SendMessageA
DrawTextA
ShowWindow
GetParent
TrackPopupMenu
CreateWindowExA
IsWindowVisible
EnableWindow
wsprintfA
EndDialog
MessageBoxA
GetAsyncKeyState
GetMessageA
GetSystemMetrics
EnumDisplaySettingsA
SetRect
SystemParametersInfoA
CharPrevA
DestroyCursor
EndDeferWindowPos
SetWindowRgn
DrawIconEx
WindowFromPoint
DestroyMenu
GetSystemMenu
InsertMenuA
InsertMenuItemA
RegisterClassA
LoadAcceleratorsA
RemoveMenu
GetClassLongA
TranslateAcceleratorA
CallWindowProcA
PeekMessageA
SetDlgItemTextA
GetDC
RegisterClassExA
SetCursorPos

gdi32

DeleteDC
GetDIBits
CreateCompatibleDC
SetBkMode
SetTextColor
MoveToEx
UpdateColors
SelectPalette
CreateDIBSection
CreatePalette
GetDeviceCaps
CreateBrushIndirect
GetNearestColor
CreateCompatibleBitmap
StretchBlt
ExtSelectClipRgn
Rectangle
IntersectClipRect
CreatePen
CreateRectRgn
CreatePolyPolygonRgn
GetTextExtentPoint32A
RoundRect
DeleteObject
GetDIBColorTable

advapi32

RegCreateKeyA
RegOpenKeyExA

shell32

SHGetMalloc
DragFinish
SHGetPathFromIDListA

comctl32

ord17

ole32

CoCreateGuid
CoRevokeClassObject
RevokeDragDrop
OleUninitialize
OleInitialize
CLSIDFromString
CoCreateInstance

comdlg32

GetSaveFileNameA
GetOpenFileNameA

msvcrt

_XcptFilter
_onexit
__dllonexit
__CxxFrameHandler
_purecall
malloc
qsort
ceil
_isctype
_pctype
??2@YAPAXI@Z
sprintf
fseek
ftell
realloc
_exit
exit
??3@YAXPAX@Z
strlen
strcat
fopen
fread
strcpy
_mbsstr
memcpy
_ftol
__p__fmode
_strnicmp
_strdup

Sections

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 562B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 1KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

488b7cacb95ffc79f2d1a7de87e86081

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

comdlg32

msvcrt

Sections

.rsrc Size: 4KB - Virtual size: 3KB

DATA Size: 101KB - Virtual size: 100KB

.rdata Size: 1024B - Virtual size: 562B

CODE Size: 1KB - Virtual size: 47KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

DATA
Size: 101KB - Virtual size: 100KB

.rdata
Size: 1024B - Virtual size: 562B

CODE
Size: 1KB - Virtual size: 47KB

.idata
Size: 4KB - Virtual size: 4KB