5e689c4a69fff7775690da767ac742a7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5e689c4a69fff7775690da767ac742a7_JaffaCakes118
Size

478KB
MD5

5e689c4a69fff7775690da767ac742a7
SHA1

efa295f45f252eda4f18d0bb66f54e4b5849a93a
SHA256

51a6051516fd234f94494366463b04e7549afeeb952b5924b9632d55706cef02
SHA512

0970d63268321b223573c1c5b4b265a3175bd2eb4784cdf9a1582c3470839365b6c9f59ba090e2e998913820261c9afdd3f334c5afbc4a36d5d1e8da5e2a810f
SSDEEP

12288:KsSbYuVmaMi5Es7jGEqiwvy6d6/UjJzHF:kDvMi5EqCD768dr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e689c4a69fff7775690da767ac742a7_JaffaCakes118

Files

5e689c4a69fff7775690da767ac742a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57565d5c9241b7f488da3ab5b7179143

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\ottszt\gichhgys\peefa\jinrdoeg.pdb

Imports

user32

SetDebugErrorLevel
MessageBoxIndirectA
GetClassLongA
RegisterClassA
RegisterClassExA

gdi32

SetEnhMetaFileBits
gdiPlaySpoolStream
SetTextCharacterExtra
SetPixelV
CreateSolidBrush
GetRandomRgn
SetTextAlign
SetBrushOrgEx
GetGlyphOutlineW
CreateDiscardableBitmap
EnumMetaFile
StrokeAndFillPath
FillRgn
SetWindowOrgEx
DeleteDC
GetTextColor

comctl32

InitCommonControlsEx

kernel32

FileTimeToLocalFileTime
GetStdHandle
GetFileType
GetACP
HeapAlloc
GetSystemTimeAsFileTime
TlsAlloc
GetCommandLineA
HeapFree
HeapCreate
TerminateProcess
GetModuleFileNameA
LoadLibraryA
WideCharToMultiByte
TlsGetValue
GetDateFormatA
MultiByteToWideChar
EnterCriticalSection
SetConsoleTextAttribute
RtlUnwind
GetFileAttributesA
VirtualFree
InitializeCriticalSection
GetCPInfo
HeapReAlloc
GetLocaleInfoW
DosDateTimeToFileTime
VirtualProtect
IsValidLocale
GetTimeFormatA
SetHandleCount
SetFilePointer
GetSystemInfo
GetCurrentProcess
IsBadWritePtr
IsValidCodePage
GetStringTypeW
GetCommandLineW
lstrcmp
SetEnvironmentVariableA
FreeEnvironmentStringsA
CloseHandle
ReadFile
VirtualAlloc
VirtualQueryEx
CreateMutexA
GetStartupInfoA
TlsFree
GetTimeZoneInformation
GetStringTypeA
ExitProcess
GetUserDefaultLCID
GetComputerNameA
OpenSemaphoreW
VirtualQuery
SetStdHandle
FoldStringW
GetModuleFileNameW
LCMapStringA
GetCurrentThread
CompareStringW
OpenMutexA
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetVersionExA
UnhandledExceptionFilter
GetStartupInfoW
GetLastError
EnumSystemCodePagesA
ReadConsoleOutputAttribute
EnumSystemLocalesA
GetProcAddress
GetCurrentThreadId
DeleteCriticalSection
IsDebuggerPresent
LocalUnlock
FlushFileBuffers
GetLocaleInfoA
LCMapStringW
HeapSize
InterlockedExchange
GetTickCount
FreeEnvironmentStringsW
TlsSetValue
WriteFile
HeapDestroy
CompareStringA
LeaveCriticalSection
SetLastError
GetOEMCP
GetModuleHandleA
GetEnvironmentStrings

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57565d5c9241b7f488da3ab5b7179143

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comctl32

kernel32

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 22KB - Virtual size: 41KB

.data Size: 102KB - Virtual size: 102KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 22KB - Virtual size: 41KB

.data
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 20KB - Virtual size: 19KB