Static task: static1
Behavioral task: behavioral1
Sample: 5d801e9990a95359b343285a71ee97a7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5d801e9990a95359b343285a71ee97a7_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5d801e9990a95359b343285a71ee97a7_JaffaCakes118
Size: 328KB
MD5: 5d801e9990a95359b343285a71ee97a7
SHA1: c3fe03dc90688ef3f0a181b83a2205d734dd97b2
SHA256: df6d1f54088a8e5df0d5251792308da3ca6df1479da0e673e16013ab836cfd7e
SHA512: 1f24d81ae52e7313f34f87401c09b3ac79804722535ee0d0161af5d18413b0db3bdf2c8c0740680d723470c0ef5411a4fbee86a355c2033e31c32daa469be840
SSDEEP: 6144:SVtisu1+wTe+owFK2nAZrgnLsqT2A/te9YJcnqpd+2AqkysHBg82JWXH:SVtiB1+oFUrSIU2xzqz+2AqkDHIJUH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5d801e9990a95359b343285a71ee97a7_JaffaCakes118
Files
5d801e9990a95359b343285a71ee97a7_JaffaCakes118.exe windows:4 windows x86 arch:x86
b24a7d6ba5c51be69335f69eaf02e41a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
CloseHandle
UnhandledExceptionFilter
GetModuleHandleA
GetCurrentProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetSystemDirectoryW
GetCurrentThreadId
Sleep
GetCurrentProcessId
lstrcatW
TerminateProcess
CreateProcessW
GetProcessVersion
lstrcpyW
lstrlenW
GetFileAttributesW
VirtualFree
VirtualProtect
GetCommandLineA
GetStartupInfoA
user32
SetActiveWindow
KillTimer
SetTimer
GetWindowRect
GetSystemMenu
PostThreadMessageW
GetDesktopWindow
SendMessageW
OpenInputDesktop
OpenDesktopW
GetUserObjectInformationW
CloseDesktop
SetForegroundWindow
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
PostMessageW
EndDialog
GetFocus
advapi32
FreeSid
AllocateAndInitializeSid
RevertToSelf
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
DuplicateTokenEx
DuplicateToken
ControlService
ImpersonateLoggedOnUser
StartServiceW
CreateProcessAsUserW
CheckTokenMembership
GetUserNameW
rpcrt4
RpcBindingSetAuthInfoExW
NdrClientCall2
RpcBindingFree
RpcBindingFromStringBindingW
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_wsplitpath
_wremove
wcscspn
_except_handler3
_wcsicmp
Sections
.text Size: 317KB - Virtual size: 317KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ