5ec024e02496ce33b17b1e5dc96bd14b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ec024e02496ce33b17b1e5dc96bd14b_JaffaCakes118
Size

316KB
MD5

5ec024e02496ce33b17b1e5dc96bd14b
SHA1

64eb50bcdda6714d397f2b4fc8d965f69c15fb3e
SHA256

fafa6dc5c6ca4491ce69ee64646195ddc35e289e7ab8f96c2d2b648c1d431470
SHA512

adb0f6abb3c25deb9dc4565d4b8d79ed94bb7fe95654077e4823d0a7e2847b85811f6267ceade44c25076f7779cfec7cab2a09abf5b8f55863f240186ed90b43
SSDEEP

6144:iNHB2glDJZ3bZI/hcAVi7z+0wPhjIb/YPleLIB3J36g:iNtj3OhPVi7z+0shIzY+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ec024e02496ce33b17b1e5dc96bd14b_JaffaCakes118

Files

5ec024e02496ce33b17b1e5dc96bd14b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75e8fd9d74fa32733a70cce094e80659

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenClipboard
VkKeyScanW
SetClassLongA
RegisterWindowMessageA
CallWindowProcA

shell32

SHGetPathFromIDListA
ExtractIconA
SHAppBarMessage
Shell_NotifyIconW
SHCreateDirectoryExW

comctl32

ImageList_Draw
ImageList_GetBkColor

kernel32

GetOEMCP
IsValidCodePage
GetEnvironmentStringsW
GetStartupInfoA
GetPrivateProfileIntW
FindResourceExA
CreateProcessA
GetVersionExA
CreateEventW
RemoveDirectoryW
FindNextFileA
ResetEvent
QueryDosDeviceW
SetEnvironmentVariableA
ExpandEnvironmentStringsW
GetCommandLineW
IsBadReadPtr
GetQueuedCompletionStatus
CompareStringW
MapViewOfFile
ExitThread
GetLogicalDrives
ReleaseSemaphore
FindNextChangeNotification
GetLocaleInfoA
HeapAlloc
UnlockFile
lstrlenA
GetCurrentThreadId
IsBadCodePtr
FindResourceW
SetUnhandledExceptionFilter
GetFileAttributesExW
GetExitCodeProcess
GlobalSize
GetSystemPowerStatus
GlobalFree
GetProfileStringW
LocalFree
OpenProcess
GetProcAddress
WideCharToMultiByte
lstrcatW
TransactNamedPipe
GlobalGetAtomNameW
IsDBCSLeadByte
QueueUserWorkItem
VerifyVersionInfoW
LocalUnlock
GetThreadLocale
FormatMessageA
SetCurrentDirectoryW
GetExitCodeThread
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
OpenMutexA
TerminateThread
QueryDosDeviceA
SetStdHandle
GetSystemDefaultUILanguage
TlsGetValue
CreateThread
GetPrivateProfileStringW
SetPriorityClass
TlsSetValue
LoadLibraryA
HeapReAlloc
GetACP
GetCPInfo
LeaveCriticalSection
GetOverlappedResult
DosDateTimeToFileTime
SetLastError
CreateSemaphoreW
WriteConsoleW
OpenFileMappingA
WritePrivateProfileStringW
VirtualAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetThreadExecutionState
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetLastError
LocalAlloc
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
TlsAlloc

oleaut32

RegisterTypeLi

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

PathFileExistsW
PathIsURLW
PathAddBackslashW

gdi32

SaveDC
LineDDA
CreateRectRgnIndirect
PtInRegion
SetPixel
SetBkColor
GetBrushOrgEx
GdiFlush
GetTextExtentPointW
CreatePolygonRgn
StartDocW
GetCharWidthW
Escape
GetRgnBox
GetPaletteEntries
CreateEllipticRgn

comdlg32

GetFileTitleA
CommDlgExtendedError
ChooseColorA

ole32

CreateDataAdviseHolder
DoDragDrop
OleSetContainedObject
CreateItemMoniker
CoSuspendClassObjects
OleSaveToStream
CLSIDFromProgID
StringFromIID

advapi32

ConvertStringSidToSidW
RegCreateKeyExW
AdjustTokenPrivileges

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75e8fd9d74fa32733a70cce094e80659

Headers

File Characteristics

Imports

user32

shell32

comctl32

kernel32

oleaut32

version

shlwapi

gdi32

comdlg32

ole32

advapi32

Sections

.text Size: 264KB - Virtual size: 262KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 632B

.text
Size: 264KB - Virtual size: 262KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 632B