5e7295d5c56d3f4adeb6fcd37f168ce1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e7295d5c56d3f4adeb6fcd37f168ce1_JaffaCakes118
Size

828KB
MD5

5e7295d5c56d3f4adeb6fcd37f168ce1
SHA1

7752465d37fc4ccd1a2954d4189b726e858be02d
SHA256

c9a7f5f3f082abe7efa81c530ebcc247da85d5c2f9965ea47480f4acac34e789
SHA512

b5b05cf29bd6c571b527740036230332d31a447b004e2546799d790f58b667bc02e847dba31b2dde2ac0b72dd189b1b6eb06216694106926e16dd903995abddb
SSDEEP

12288:VnIQxJwJBBFQp48k42xPSe04dOhSzUZR5orNt4LiV:dIQLwJBBFckzxPS3FhSw+Rt4e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e7295d5c56d3f4adeb6fcd37f168ce1_JaffaCakes118

Files

5e7295d5c56d3f4adeb6fcd37f168ce1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

816b87a4f9b494171fbb542e27debf6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA

bass

BASS_ChannelIsActive
BASS_SampleStop
BASS_ChannelSlideAttributes
BASS_SampleGetChannel
BASS_ChannelStop
BASS_ChannelSetSync
BASS_ChannelPlay
BASS_ChannelPause
BASS_ChannelSetAttributes
BASS_SampleLoad
BASS_Free
BASS_Init
BASS_SampleFree
BASS_StreamCreateFile
BASS_StreamFree

gdi32

GetStockObject
GetDeviceCaps

kernel32

FindClose
FindNextFileA
FindFirstFileA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LockResource
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
GetTickCount
MulDiv
InterlockedIncrement
InterlockedDecrement
lstrlen
GetNumberFormatA
GetLocaleInfoA
GetTimeFormatA
CreateMutexA
lstrcpyn
FreeLibrary
CreateFileA
CreateDirectoryA
LocalFree
CloseHandle
SetFilePointer
ReadFile
GetFileSize
Sleep
GlobalUnlock
GlobalLock
lstrcpy
GlobalFree
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
GetCurrentThreadId
OutputDebugStringA
GetLocalTime
FormatMessageA
VirtualQuery
GetCurrentThread
lstrcat
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
GetProcessHeap
GetProcAddress
GetFileAttributesA
lstrcmpi
lstrcmp
DeleteFileA
RaiseException
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr
SetEndOfFile

shell32

ShellExecuteA

user32

ReleaseDC
GetDC
GetSystemMetrics
PostQuitMessage
ShowWindow
IsIconic
SetForegroundWindow
FindWindowA
MessageBeep
IsCharAlphaNumericA
RegisterClassA
LoadIconA
KillTimer
LoadCursorA
LoadImageA
ScreenToClient
GetCursorPos
SetCapture
ReleaseCapture
SetTimer
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetKeyState
EqualRect
FillRect
GetClientRect
CallWindowProcA
SetCursor
DefWindowProcA
GetWindowLongA
SetDlgItemTextA
SetWindowLongA
CreateWindowExA
MessageBoxA
EnumThreadWindows
ChangeDisplaySettingsA
wvsprintfA
DefDlgProcA
EndDialog
SendDlgItemMessageA
DialogBoxIndirectParamA
SetWindowPos
GetWindowRect
ClientToScreen
UpdateWindow
WindowFromPoint
GetMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
LoadStringA
InflateRect
UnionRect
OffsetRect
IntersectRect
CopyRect
SetRect
PtInRect
PeekMessageA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

timeGetTime

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zylms
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zylmi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

816b87a4f9b494171fbb542e27debf6e

Headers

File Characteristics

Imports

advapi32

bass

gdi32

kernel32

shell32

user32

version

winmm

Sections

.text Size: 528KB - Virtual size: 527KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 52KB - Virtual size: 67KB

.rsrc Size: 180KB - Virtual size: 178KB

.zylms Size: 4KB - Virtual size: 4KB

.zylmi Size: 4KB - Virtual size: 4KB

.mackt Size: 8KB - Virtual size: 8KB

.text
Size: 528KB - Virtual size: 527KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 52KB - Virtual size: 67KB

.rsrc
Size: 180KB - Virtual size: 178KB

.zylms
Size: 4KB - Virtual size: 4KB

.zylmi
Size: 4KB - Virtual size: 4KB

.mackt
Size: 8KB - Virtual size: 8KB