5e7c6515274e63573e9d7a3c1847f888_JaffaCakes118

General

Target

5e7c6515274e63573e9d7a3c1847f888_JaffaCakes118
Size

203KB
MD5

5e7c6515274e63573e9d7a3c1847f888
SHA1

5fdbef236f69c315527becf77787d70f4ae6f93c
SHA256

c46802d6ea1762ba91c650726019ad436cbbfd25d897e8c0ab1609d8d2afc57c
SHA512

4eec4f2f3f9265fa8a99751900a6019993c7f7ab090c7ba52ac3136cd7fe833bbbffff950a77fbaf7d6b2b3fdc4635b8cc27a76581ad0505850f1155eccdb487
SSDEEP

6144:6NthGPin/7zQvYlnHTXLqj4F7VBXgmgUgjtY0O:ItAPi/70gHTc47eMWj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e7c6515274e63573e9d7a3c1847f888_JaffaCakes118

Files

5e7c6515274e63573e9d7a3c1847f888_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86330ed5de281ceda3e0c281cfaedf9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpSetCurrentDirectoryA
InternetQueryFortezzaStatus
CreateUrlCacheContainerW

user32

SystemParametersInfoW
ChildWindowFromPointEx
SetSysColors
MapVirtualKeyExA
DefDlgProcW
GetMenuItemCount
GetSystemMenu
GrayStringW

comdlg32

FindTextW
GetFileTitleW
FindTextA
ChooseFontA
GetOpenFileNameW
PrintDlgA
PrintDlgW
ChooseFontW
ChooseColorA
LoadAlterBitmap

gdi32

SetFontEnumeration
SetWinMetaFileBits
GetDCOrgEx
GetClipRgn
PolyPolygon
PolyDraw
PaintRgn
GetPixelFormat
GetGlyphOutline
WidenPath
GetCurrentPositionEx
GetObjectW
EnumFontFamiliesExW
GetDeviceCaps
CreateDIBSection
SwapBuffers
GetTextExtentPointW

kernel32

OpenProcess
lstrcpyA
GetLogicalDrives
FlushConsoleInputBuffer
HeapAlloc
GetCurrentProcessId
Sleep
GetModuleFileNameA
HeapFree
GetFileType
GetConsoleTitleA
AddAtomA
QueryPerformanceCounter
GetSystemTimeAsFileTime
EnumTimeFormatsW
VirtualAlloc
GetCalendarInfoW
TerminateProcess
SetCriticalSectionSpinCount
WriteFileEx
HeapReAlloc
GetModuleHandleA
InterlockedExchange
GlobalSize
ConvertDefaultLocale
GetTickCount
ExitProcess
GetProcAddress
FillConsoleOutputCharacterA
ExpandEnvironmentStringsA
FillConsoleOutputAttribute
VirtualQuery
GetCurrentProcess
WideCharToMultiByte
TlsGetValue
LoadLibraryA
RtlUnwind
WriteConsoleOutputCharacterW
EnumSystemCodePagesA
lstrcmpA
GetCurrentThreadId
FlushInstructionCache

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86330ed5de281ceda3e0c281cfaedf9b

Headers

File Characteristics

Imports

wininet

user32

comdlg32

gdi32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 88KB - Virtual size: 88KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 13KB - Virtual size: 12KB