5eea388561016f7e539962865154573c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5eea388561016f7e539962865154573c_JaffaCakes118
Size

442KB
MD5

5eea388561016f7e539962865154573c
SHA1

feb4e5868eca50684d8793dc671fc603cb293f75
SHA256

fb29b8901b2fcb1c99587d1fa1a9358b73f067b0534ada7db10b2327bfa78a70
SHA512

7dc2f82e3ba1cce3eea6a3bbb5fc45b832b3ecceb77058ecb8fe2467b9040080d1f82bbc81ae9c14f662c946c4f0eb982969f2894045e8c722d651192933d065
SSDEEP

6144:6fUD6FxqNX8grUxoXNnkFcQ1W5R8y7t7yf3I15AbwSdIpw2omQ2dGmEtP17aqBsf:85xqi8n2f1YR87o5A8SdoRsmy7a6sLt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eea388561016f7e539962865154573c_JaffaCakes118

Files

5eea388561016f7e539962865154573c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7b6bc622abbe7460f7e1d2144ef4f807

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2438
ord2116
ord5273
ord4621
ord4419
ord768
ord489
ord4253
ord2350
ord2293
ord2362
ord4704
ord5949
ord3092
ord860
ord2606
ord4197
ord6279
ord6278
ord4272
ord4124
ord2755
ord926
ord5679
ord6219
ord4198
ord927
ord2910
ord6920
ord656
ord4229
ord4370
ord941
ord3067
ord6051
ord1768
ord5286
ord4831
ord3397
ord3716
ord567
ord795
ord2567
ord4390
ord3569
ord609
ord3605
ord641
ord616
ord2294
ord6195
ord5257
ord3871
ord5276
ord3592
ord324
ord5977
ord4847
ord6024
ord2859
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord2574
ord4396
ord3365
ord3635
ord693
ord3993
ord3694
ord6898
ord6193
ord5845
ord3296
ord817
ord565
ord1166
ord6896
ord6211
ord2638
ord4279
ord3991
ord4270
ord3133
ord2371
ord2078
ord6237
ord940
ord269
ord826
ord600
ord1571
ord1250
ord1248
ord1563
ord1194
ord1240
ord342
ord1179
ord1570
ord1568
ord1173
ord1115
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4829
ord3793
ord5283
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4992
ord4848
ord4371
ord5261
ord4352
ord4942
ord4970
ord4736
ord4899
ord5154
ord5156
ord5155
ord1899
ord1128
ord2717
ord3948
ord1165
ord815
ord561
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord3396
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord922
ord4199
ord2810
ord858
ord538
ord861
ord942
ord1143
ord1634
ord3566
ord2406
ord3621
ord924
ord3658
ord535
ord823
ord825
ord6466
ord540
ord4155
ord2634
ord800

msvcrt

wcslen
__CxxFrameHandler
free
malloc
wcscpy
_wcsicmp
_purecall
__RTDynamicCast
wcscmp
swscanf
wcschr
wcsrchr
wcsstr
_wcsnicmp
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_except_handler3

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

atl

ord15
ord22
ord18
ord21
ord16
ord32

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
FreeSid
LookupAccountSidW
RegDeleteValueW
RegOpenKeyW
RegEnumKeyW
RegEnumKeyExW
RegDeleteKeyW
LookupAccountNameW

kernel32

GetCurrentThreadId
lstrlenW
InterlockedDecrement
GetModuleHandleW
GetModuleFileNameW
GetLastError
CloseHandle
GlobalAlloc
GlobalFree
InitializeCriticalSection
InterlockedIncrement
lstrcmpiW
SetLastError
lstrcpyW
CreateDirectoryW
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
LocalFree
LocalAlloc
WritePrivateProfileStringW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
WriteFile
CreateFileW
GetFileAttributesExW
GetModuleHandleA
GetProcAddress
LoadLibraryW
OutputDebugStringA
LoadLibraryA
FormatMessageW
GlobalUnlock
GlobalLock
DeleteCriticalSection

mpr

WNetGetUniversalNameW

ole32

CoInitialize
StringFromGUID2
CoGetMalloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
ReleaseStgMedium

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

user32

LoadBitmapW
LoadStringW
SetCursor
LoadCursorW
wsprintfW
EnableWindow
SendMessageW
wvsprintfW
MessageBoxW
RegisterClipboardFormatW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
MessageBeep
SetParent
ScreenToClient
GetParent
IsWindowVisible
GetWindowRect
GetClientRect
WinHelpW

shlwapi

PathCompactPathW
PathIsUNCW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 2KB - Virtual size: 457B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ik
Size: 2KB - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ocode
Size: 2KB - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kpack0
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gddg8
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaoq
Size: 2KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oxcodex
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0x0x1
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x2
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x3
Size: 2KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x5
Size: 2KB - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x6
Size: 2KB - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x7
Size: 2KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x8
Size: 2KB - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aosp
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 2KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b6bc622abbe7460f7e1d2144ef4f807

Headers

DLL Characteristics

File Characteristics

Imports

mfc42u

msvcrt

msvcp60

atl

advapi32

kernel32

mpr

ole32

oleaut32

shell32

user32

shlwapi

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 344B

.tls Size: 2KB - Virtual size: 13B

.ndata Size: 2KB - Virtual size: 457B

.ik Size: 2KB - Virtual size: 103B

.ocode Size: 2KB - Virtual size: 224B

.kpack0 Size: 2KB - Virtual size: 208B

.gddg8 Size: 186KB - Virtual size: 185KB

.iaoq Size: 2KB - Virtual size: 60B

.oxcodex Size: 4KB - Virtual size: 2KB

.0x0x1 Size: 186KB - Virtual size: 185KB

.0x0x2 Size: 2KB - Virtual size: 512B

.0x0x Size: 2KB - Virtual size: 512B

.0x0x3 Size: 2KB - Virtual size: 160B

.0x0x5 Size: 2KB - Virtual size: 6B

.0x0x6 Size: 2KB - Virtual size: 200B

.0x0x7 Size: 2KB - Virtual size: 1000B

.0x0x8 Size: 2KB - Virtual size: 600B

.aosp Size: 4KB - Virtual size: 2KB

.CRT Size: 2KB - Virtual size: 8B

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 2KB - Virtual size: 306B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 344B

.tls
Size: 2KB - Virtual size: 13B

.ndata
Size: 2KB - Virtual size: 457B

.ik
Size: 2KB - Virtual size: 103B

.ocode
Size: 2KB - Virtual size: 224B

.kpack0
Size: 2KB - Virtual size: 208B

.gddg8
Size: 186KB - Virtual size: 185KB

.iaoq
Size: 2KB - Virtual size: 60B

.oxcodex
Size: 4KB - Virtual size: 2KB

.0x0x1
Size: 186KB - Virtual size: 185KB

.0x0x2
Size: 2KB - Virtual size: 512B

.0x0x
Size: 2KB - Virtual size: 512B

.0x0x3
Size: 2KB - Virtual size: 160B

.0x0x5
Size: 2KB - Virtual size: 6B

.0x0x6
Size: 2KB - Virtual size: 200B

.0x0x7
Size: 2KB - Virtual size: 1000B

.0x0x8
Size: 2KB - Virtual size: 600B

.aosp
Size: 4KB - Virtual size: 2KB

.CRT
Size: 2KB - Virtual size: 8B

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 2KB - Virtual size: 306B