5f0e5aacc0a29803366c600b262a1e5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f0e5aacc0a29803366c600b262a1e5d_JaffaCakes118
Size

217KB
MD5

5f0e5aacc0a29803366c600b262a1e5d
SHA1

020a7ec9a05c702da02918b6574d159e9b232761
SHA256

d817c9d3e0b29ba8fcda26d15b65f1a85281c075b0713faa6bbc6cd3129cfe61
SHA512

30aec2b1299c793800c114d7a541e7c53c46aa658ae59dec2dfa6df64ef7efc7a6a9f3ce20470501e64a9d475ad8d6e10ac413181a1631b9a631b159b044a171
SSDEEP

3072:7HDmFMvSiS0n+UVtnVElCI/7C4H3O4IXGi9LXQKbOx8Way54NyiGUixpCyQkgJgW:7KWvSin+mtnwVT+XQKbYNa/GTCqgJ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f0e5aacc0a29803366c600b262a1e5d_JaffaCakes118

Files

5f0e5aacc0a29803366c600b262a1e5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82864430173084026f12ca948a213579

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW
ChooseColorA
ReplaceTextA
PageSetupDlgA
LoadAlterBitmap
ReplaceTextW
GetOpenFileNameW
GetFileTitleA
PrintDlgA
GetFileTitleW
FindTextA
GetOpenFileNameA
GetSaveFileNameA
ChooseFontW

gdi32

GdiPlayScript
CreateRectRgnIndirect
GetMetaFileW
GetNearestColor
ExtEscape
CreateEllipticRgnIndirect
UpdateICMRegKeyW
CreateMetaFileA
SetBitmapDimensionEx

wininet

SetUrlCacheConfigInfoA
UrlZonesDetach
CreateUrlCacheContainerW
FtpCommandW
FtpGetFileSize
GopherCreateLocatorW
FtpSetCurrentDirectoryA
InternetTimeFromSystemTime

user32

DdeInitializeW

kernel32

GetTempFileNameW
LoadLibraryA
SetStdHandle
GetCommandLineA
GetSystemTimeAsFileTime
WaitNamedPipeA
IsBadWritePtr
GetTickCount
lstrcatA
EnterCriticalSection
lstrcpy
GetModuleFileNameA
GetProcAddress
EnumResourceLanguagesW
GetStdHandle
GetStringTypeA
GetLastError
LoadLibraryW
LCMapStringA
SetHandleCount
VirtualAlloc
LocalFree
HeapReAlloc
GetOEMCP
HeapCreate
LeaveCriticalSection
MultiByteToWideChar
GetTempPathA
TlsSetValue
FormatMessageA
GetStringTypeW
WideCharToMultiByte
TlsGetValue
GetEnvironmentStrings
ExitProcess
GetFileType
WriteFile
CreateEventW
GetVersion
HeapAlloc
SetVolumeLabelA
LCMapStringW
InterlockedExchange
GetModuleHandleA
VirtualQuery
TerminateProcess
HeapDestroy
GetStartupInfoA
InitializeCriticalSection
GetCurrentThreadId
TlsFree
GlobalAddAtomA
CreateMailslotA
SetLastError
RtlUnwind
FreeEnvironmentStringsA
AddAtomW
VirtualFree
OpenSemaphoreA
GetACP
FindResourceExA
FlushConsoleInputBuffer
DeleteCriticalSection
GetCurrentProcessId
GetCurrentProcess
FreeEnvironmentStringsW
TlsAlloc
QueryPerformanceCounter
HeapFree
GetEnvironmentStringsW
GetCPInfo
GetCurrentThread
GlobalHandle
UnhandledExceptionFilter

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82864430173084026f12ca948a213579

Headers

File Characteristics

Imports

comdlg32

gdi32

wininet

user32

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.data Size: 106KB - Virtual size: 127KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 102KB - Virtual size: 102KB

.data
Size: 106KB - Virtual size: 127KB

.rsrc
Size: 7KB - Virtual size: 7KB