5d67ae02ef2eb7e12bec90712d70065b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5d67ae02ef2eb7e12bec90712d70065b_JaffaCakes118
Size

543KB
MD5

5d67ae02ef2eb7e12bec90712d70065b
SHA1

cefc11de80a45d8a8ff1cffe4d0ad8d4244dc2bc
SHA256

6904e6be899699b5478beb4e480131505ca1222016cef76d01ae049f9fb81f0c
SHA512

552865e945980fe08e36fbdfdc0a363ee19212ae996aaa74f26147cbec853f5f75a3d84141d331e9e0842292b74156f5ac90f55ebad2edcd21e743c6431570ec
SSDEEP

6144:RMDdnk20Tnyj8K/XDfKIb371b7n1bIUb295J3Nsd0hU20ojhFc1aie3PpYNyvg0C:uVk2sqP/zR7Fn1/be9SdaLZJ3JIqM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d67ae02ef2eb7e12bec90712d70065b_JaffaCakes118

Files

5d67ae02ef2eb7e12bec90712d70065b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c815461b51b3e50797ca62ee9cf319e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

GetScrollInfo
GetProcessWindowStation
DdeCreateDataHandle
GetKeyboardType
PostQuitMessage
DrawTextExA
CreateWindowExW
RegisterClassA
RegisterClassExA
EnumWindowStationsA
GetNextDlgTabItem
SendIMEMessageExA
DragDetect
EnableScrollBar
GetSystemMetrics
GetScrollPos
RemoveMenu
GetCaretBlinkTime
wvsprintfA
DestroyWindow

gdi32

CombineTransform
SelectObject

kernel32

SetStdHandle
LeaveCriticalSection
GetStringTypeA
IsValidCodePage
MultiByteToWideChar
VirtualAlloc
HeapDestroy
SetHandleCount
GetConsoleOutputCP
TlsSetValue
TlsFree
ReadFile
GetCurrentProcessId
TlsGetValue
GetCurrentThread
LCMapStringW
SetUnhandledExceptionFilter
IsDebuggerPresent
CompareStringA
GetTickCount
HeapCreate
GetEnvironmentStrings
GetConsoleCP
GetCurrentProcess
FlushFileBuffers
FreeEnvironmentStringsA
WriteConsoleA
CreateFileA
TerminateProcess
SetFilePointer
VirtualQuery
GetStdHandle
GetTimeFormatA
GetLocaleInfoA
DeleteCriticalSection
VirtualFree
WriteFile
GetFileType
GetLastError
GetConsoleMode
GetEnvironmentStringsW
GetDateFormatA
HeapSize
EnumSystemLocalesA
CreateMutexA
CloseHandle
UnhandledExceptionFilter
GetCurrentThreadId
ReadConsoleOutputAttribute
GetStringTypeW
GetOEMCP
GetLocaleInfoW
ExitProcess
OpenMutexA
SetEnvironmentVariableA
InterlockedExchange
WriteConsoleW
SetLastError
GetPrivateProfileIntW
IsValidLocale
GetProcAddress
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
InitializeCriticalSection
GetVersionExA
TlsAlloc
GetStartupInfoA
GetUserDefaultLCID
GetModuleHandleA
CompareStringW
LoadLibraryA
GetProcessHeap
WideCharToMultiByte
HeapAlloc
FreeLibrary
GetModuleFileNameA
SetEndOfFile
GetTimeZoneInformation
GetCPInfo
GetCommandLineA
QueryPerformanceCounter
RtlUnwind
HeapFree
LCMapStringA
HeapReAlloc
SetConsoleCtrlHandler
InterlockedIncrement
Sleep
GetACP
EnterCriticalSection
InterlockedDecrement

Sections

.text
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c815461b51b3e50797ca62ee9cf319e7

Headers

File Characteristics

Imports

comctl32

user32

gdi32

kernel32

Sections

.text Size: 210KB - Virtual size: 209KB

.rdata Size: 9KB - Virtual size: 39KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 210KB - Virtual size: 209KB

.rdata
Size: 9KB - Virtual size: 39KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 5KB - Virtual size: 5KB