5e74a7aab82b5c4aad2294bc61ef064f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e74a7aab82b5c4aad2294bc61ef064f_JaffaCakes118
Size

280KB
MD5

5e74a7aab82b5c4aad2294bc61ef064f
SHA1

330957d49fea1ecae20bda08fff263c055344a0a
SHA256

5004f2fa90a8cc6230b355d1720f9e27c390eafd45fc6230f16d7e7c508a89b4
SHA512

e1d2d23c1a45961b4e569a702bd68a3a46b0adfad3f08818bf1cd83ef5a20ff07da14518aa42ef7e5b44d08790321c2ec2b99a7b5d8cadb7c04251f3b35a4a1f
SSDEEP

6144:kxzBe5qj4aTycrSiL+ZyTw3fo/2+sShSjp2e+aey:J1jXJZIw3CDJapZ+aV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e74a7aab82b5c4aad2294bc61ef064f_JaffaCakes118

Files

5e74a7aab82b5c4aad2294bc61ef064f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37527918ff89401268c9d3b5da46496c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
InitializeCriticalSection
WaitForMultipleObjects
lstrlenA
GetModuleFileNameW
LoadLibraryW
FreeLibrary
lstrlenW
MultiByteToWideChar
lstrcpynW
GetFullPathNameA
lstrcpynA
QueryPerformanceCounter
SetUnhandledExceptionFilter
CreateEventW
SetEvent
GetVersionExW
Sleep
GetFileAttributesA
GetCurrentProcess
MoveFileW
GetShortPathNameW
GetFileAttributesW
CreateDirectoryW
GetCurrentThread
LocalFree
GetExitCodeProcess
GetLastError
GetTickCount
GetCurrentProcessId
CreateMutexA
GetProcAddress

user32

PeekMessageW

advapi32

EqualSid
FreeSid
AllocateAndInitializeSid
OpenProcessToken
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegEnumKeyW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
SetThreadToken
DuplicateToken
OpenThreadToken
GetLengthSid
IsValidSid
GetTokenInformation
RevertToSelf
DuplicateTokenEx
RegDeleteKeyA

shell32

SHGetDesktopFolder

imm32

ImmGetHotKey
ImmRegisterWordW
ImmLoadIME
ImmSetHotKey
ImmRequestMessageA
ImmSetActiveContext
ImmSystemHandler
ImmGetOpenStatus
ImmGetImeInfoEx

cic

DllGetClassObject
DllCanUnloadNow
DllRegisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HZ
Size: 3KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 98KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bCeZ
Size: 5KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 119KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UDnit
Size: 512B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37527918ff89401268c9d3b5da46496c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

imm32

cic

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 31KB

.HZ Size: 3KB - Virtual size: 597KB

.edata Size: 98KB - Virtual size: 174KB

.bCeZ Size: 5KB - Virtual size: 331KB

.data Size: 7KB - Virtual size: 372KB

.edata Size: 119KB - Virtual size: 179KB

.UDnit Size: 512B - Virtual size: 14KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 31KB

.HZ
Size: 3KB - Virtual size: 597KB

.edata
Size: 98KB - Virtual size: 174KB

.bCeZ
Size: 5KB - Virtual size: 331KB

.data
Size: 7KB - Virtual size: 372KB

.edata
Size: 119KB - Virtual size: 179KB

.UDnit
Size: 512B - Virtual size: 14KB

.rsrc
Size: 27KB - Virtual size: 27KB