5d7d7628cede872d74f0952298d2a91d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d7d7628cede872d74f0952298d2a91d_JaffaCakes118
Size

542KB
MD5

5d7d7628cede872d74f0952298d2a91d
SHA1

ad6661257cb2b3d6a69e9281c7c63b88f466ef29
SHA256

271448bdfd538a43c4777a2bcec3e46e6813b362c1e1332a7548d8c6a2347ccd
SHA512

e8326ea183d3dd198aa48c197f2695089c4c837d26dbe3d5431237e0fa7507eb4bd256ecb852589777a8ec9d97a733aa22bb1f6e8fa0a5838b7a55c1e9e5d282
SSDEEP

12288:nUSkdRZ9LtITskNNj+FW2SZAMqfhU+lducMq0afwp:cdRLLtItT6FW2PM6dlt0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d7d7628cede872d74f0952298d2a91d_JaffaCakes118

Files

5d7d7628cede872d74f0952298d2a91d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bab47fe8a58ce790ec60b80262f1e160

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsChild
MessageBoxW
EndMenu
SetWindowLongA
DefWindowProcA
ScreenToClient
CreateWindowExA
DestroyWindow
SetMenuContextHelpId
LoadStringA
GetAsyncKeyState
ExitWindowsEx
CheckDlgButton
CharNextW
RegisterClassA
GetDC
GetKeyState
ShowWindow
SendDlgItemMessageW
GetScrollPos
RegisterClassExA
GetWindowModuleFileNameA

kernel32

TerminateProcess
GetPrivateProfileSectionW
LeaveCriticalSection
ExitProcess
UnhandledExceptionFilter
HeapValidate
SetFileAttributesA
MultiByteToWideChar
CreateMutexA
SetThreadPriority
GetModuleHandleA
GetProcAddress
GetTimeZoneInformation
WaitForSingleObjectEx
GetCurrentThreadId
TlsFree
ReadFile
GetModuleFileNameW
IsBadWritePtr
GetVersion
CompareStringA
GetSystemTime
WritePrivateProfileStructW
TerminateThread
CloseHandle
LCMapStringA
HeapFree
GetProcAddress
GetStdHandle
GetCommandLineW
SetConsoleMode
InterlockedExchange
VirtualQuery
SetFilePointer
GetTickCount
InitializeCriticalSection
HeapCreate
GetConsoleTitleW
TlsGetValue
lstrcmp
FindFirstFileA
GetModuleFileNameA
GetWindowsDirectoryA
CreateDirectoryExA
InterlockedDecrement
GetCPInfo
WriteFile
GetStringTypeA
GetPrivateProfileSectionNamesW
GetCurrentProcessId
SetHandleCount
AddAtomW
CreateFileMappingA
FlushFileBuffers
GetStringTypeW
TlsAlloc
TryEnterCriticalSection
GetFileType
LCMapStringW
TlsSetValue
OpenMutexA
SetLastError
DeleteCriticalSection
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStrings
ReadConsoleInputW
GetLastError
SetFileAttributesW
EnumCalendarInfoExA
GetLocalTime
RtlUnwind
SetStdHandle
GetCurrentThread
CreateSemaphoreW
HeapReAlloc
VirtualAlloc
WideCharToMultiByte
LoadLibraryExA
GetStartupInfoW
HeapDestroy
HeapAlloc
CompareStringW
LocalAlloc
GetLogicalDrives
GetCommandLineA
SetEnvironmentVariableA
GetStartupInfoA
SetPriorityClass
GetSystemTimeAsFileTime
LoadLibraryA
GetEnvironmentStringsW
InterlockedIncrement
QueryPerformanceCounter
EnterCriticalSection
LocalFileTimeToFileTime
CreateMailslotA
GetCurrentProcess
FreeEnvironmentStringsA
VirtualProtect

comctl32

ImageList_GetImageCount
CreateStatusWindowA
ImageList_SetFilter
ImageList_DragMove
DrawStatusText
DrawStatusTextW
InitCommonControlsEx
DrawInsert

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bab47fe8a58ce790ec60b80262f1e160

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 253KB - Virtual size: 253KB

.data Size: 108KB - Virtual size: 127KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 253KB - Virtual size: 253KB

.data
Size: 108KB - Virtual size: 127KB

.rsrc
Size: 24KB - Virtual size: 24KB