5e6f9f5c37a4362dfb8ab6902e32f07a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e6f9f5c37a4362dfb8ab6902e32f07a_JaffaCakes118
Size

281KB
MD5

5e6f9f5c37a4362dfb8ab6902e32f07a
SHA1

d05c469bb69a49d8f2b2baa9017129f94989974b
SHA256

2f18956b31f6609179897cfdee75798e6d767a2dba056ad0af8e2524a4bae7d6
SHA512

a420ce42f11f4427edcf8d1d5d96e806cb002996dc685f956253bb06e6b6b0b9e057fcb1e28f3819617e9705ea617a9d9a04f78359c5a309ffe26ba6bd336b49
SSDEEP

6144:cK6G4TKuSg6gNwRfgF7DBwxyeQysZKBr2wpTinVTe7ToyadV/4l:cKmK2NwfuDuANFCJwVTeXoyadVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e6f9f5c37a4362dfb8ab6902e32f07a_JaffaCakes118

Files

5e6f9f5c37a4362dfb8ab6902e32f07a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a29909a44984ffbac05b1330bf06b788

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
GetTickCount
MoveFileW
GetUserDefaultLangID
SetCurrentDirectoryW
GetFileAttributesExW
FreeLibrary
CancelWaitableTimer
WaitForMultipleObjects
Sleep
DuplicateHandle
FindNextChangeNotification
GlobalFree
InterlockedIncrement
GetFileSize
DeleteFileW
GetDriveTypeW
SetLastError
GetLocalTime
WriteFile
ReadFile
CreateEventW
GetLogicalDrives
CreateFileW
LoadLibraryW
FindNextFileW
GetCurrentThread
FindFirstFileW
LockResource
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
FindResourceW
GetModuleFileNameW
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
FreeResource
GetLastError
GetVersion
GetFileAttributesW
CloseHandle
GlobalUnlock
CreateProcessW
WritePrivateProfileStringW
GetProcAddress
VirtualFree
GetSystemTime
MulDiv
WaitForSingleObject
GetCurrentProcessId
SetEndOfFile
SizeofResource
lstrlenW
InterlockedDecrement
SetEvent

user32

GetSysColor
AppendMenuW
IsWindow
EndDialog
TrackPopupMenu
GetWindowDC
GetMessageW
LoadImageW
SetLayeredWindowAttributes
DispatchMessageW
FillRect
CreatePopupMenu
SystemParametersInfoW
DestroyIcon
TranslateMessage
SetCapture
PostMessageW
GetParent
CreateWindowExW
RedrawWindow
LoadIconW
GetWindowTextW
SetForegroundWindow
SetCursor
EnableWindow
OffsetRect
IsDlgButtonChecked
DrawTextW
DefWindowProcW
GetWindowThreadProcessId
SetWindowPos
PostQuitMessage
RegisterHotKey
RegisterWindowMessageW
LoadCursorW
RegisterClassExW
ReleaseCapture
SendMessageW
PostThreadMessageW
SendDlgItemMessageW
wsprintfW
VkKeyScanW

gdi32

SelectObject
DeleteObject
GetStockObject
CreateSolidBrush
Rectangle
CreatePen
GetClipBox
SetBkColor
SetDIBits
DPtoLP
CreateBitmap
CreateFontIndirectW
DeleteDC
GetDeviceCaps

advapi32

RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
LookupPrivilegeValueW
RegCloseKey
SetSecurityDescriptorDacl
StartServiceW
RegNotifyChangeKeyValue

shell32

Shell_NotifyIconW
SHChangeNotify

ole32

CoInitializeEx
CoUninitialize

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a29909a44984ffbac05b1330bf06b788

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 20KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 20KB