5da5a86811fe3ad5fdbd1879fcfd19cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5da5a86811fe3ad5fdbd1879fcfd19cf_JaffaCakes118
Size

543KB
MD5

5da5a86811fe3ad5fdbd1879fcfd19cf
SHA1

7f6a2e57256e18aa93230bed3cfd0d69b06748dd
SHA256

2af82830e4cf8a17df7f593878d11874aed94e691388edd007c988c20222e505
SHA512

659b5bac767bd56140048f9744de982834b982b5740884ca4e138954dee5a1b51be5ef0bbc895a27409cb8918eee818d6b24b601e788c7927c383d607e5a4b8c
SSDEEP

6144:7ImZH2tzkeFnuFsTaLqtaGZShwX6I+01XY/AC26vyUFBVFlBCInPzlgbGQ/GpBfR:uZnWnmoRwKI+xPvy+DFl7y/sBx58rb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5da5a86811fe3ad5fdbd1879fcfd19cf_JaffaCakes118

Files

5da5a86811fe3ad5fdbd1879fcfd19cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4ed56b5cd39d002371f03b6d15fd769

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
SendNotifyMessageW
RegisterClassA
LoadMenuIndirectA
RegisterClassExA
DestroyWindow
DdeImpersonateClient
DefWindowProcA
MessageBoxW
DrawFrame
CreateWindowExW
GetClassNameA

comctl32

CreateToolbarEx
CreateStatusWindowW
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_SetFlags
CreatePropertySheetPageA
ImageList_Copy
ImageList_GetIconSize
ImageList_Duplicate
ImageList_ReplaceIcon
CreateUpDownControl
InitCommonControlsEx
DrawStatusText
CreateStatusWindow
CreatePropertySheetPageW

shell32

SheChangeDirExW

kernel32

GetConsoleOutputCP
FreeEnvironmentStringsW
TlsSetValue
LoadLibraryExA
GetCurrentProcessId
EnterCriticalSection
GetStartupInfoW
HeapCreate
CreateMutexA
GetCurrentProcess
LCMapStringA
GetTickCount
CloseHandle
LoadLibraryA
IsDebuggerPresent
GetLocaleInfoW
SetHandleCount
MultiByteToWideChar
GetStringTypeA
GetModuleHandleA
CreateNamedPipeA
GetConsoleCP
GetCurrentThreadId
GetModuleFileNameA
GetStringTypeW
TlsAlloc
GetTimeFormatA
HeapFree
WriteConsoleW
FlushFileBuffers
ReadFile
GetStartupInfoA
CompareStringA
GetCurrentThread
GetDateFormatA
lstrcatA
HeapDestroy
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetACP
GetFileType
CompareStringW
GetModuleHandleW
InterlockedExchange
GetThreadLocale
SetConsoleCtrlHandler
LeaveCriticalSection
GetTimeZoneInformation
CreateFileA
LocalUnlock
LoadResource
SetStdHandle
IsValidLocale
UnhandledExceptionFilter
SetEnvironmentVariableA
TlsGetValue
InterlockedDecrement
TerminateProcess
EnumSystemLocalesA
InterlockedIncrement
VirtualFree
GetEnvironmentStringsW
GetCPInfo
Sleep
DeleteCriticalSection
FreeLibrary
GetModuleFileNameW
LCMapStringW
GetProcAddress
CopyFileExA
OpenMutexA
GetSystemTimeAsFileTime
GetStdHandle
GetUserDefaultLCID
GetOEMCP
GetLastError
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetCommandLineA
EnumDateFormatsA
GetConsoleMode
IsValidCodePage
TlsFree
SetUnhandledExceptionFilter
WriteConsoleA
ExitProcess
GetLocaleInfoA
SetFilePointer
SetLastError
VirtualQuery
WriteFile
HeapReAlloc
RtlUnwind
FindFirstFileExA
HeapSize
VirtualAlloc

Sections

.text
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4ed56b5cd39d002371f03b6d15fd769

Headers

File Characteristics

Imports

user32

comctl32

shell32

kernel32

Sections

.text Size: 374KB - Virtual size: 373KB

.rdata Size: 31KB - Virtual size: 62KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 374KB - Virtual size: 373KB

.rdata
Size: 31KB - Virtual size: 62KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 33KB - Virtual size: 32KB