5f5e1bc8fe15bc52e10d40dffb890a7c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f5e1bc8fe15bc52e10d40dffb890a7c_JaffaCakes118
Size

438KB
MD5

5f5e1bc8fe15bc52e10d40dffb890a7c
SHA1

535de4933381af907caae2cd3150fcb06732c447
SHA256

0a0901fd57fe96d67cce9ab99ad9b6bc76e23244185d187ef1f72880b7732ddd
SHA512

8af9c00717ffbcdef3c3bbdc39dbd64705570c7dfe8c6dd40d5fa542d30a6149b395a327b69a3d71a26a3deea8847741496db4c0ddf6ce15956216734f7055f9
SSDEEP

6144:T95VSi95cu8HeXZWIzAWrbk8iLHrCy1Qj8x+b5XwDB3u2prI/oEfkpzvOiwgjRsr:T97Tcu8+JW9/Tuo/ZuSEhfkgxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f5e1bc8fe15bc52e10d40dffb890a7c_JaffaCakes118

Files

5f5e1bc8fe15bc52e10d40dffb890a7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

224469272e68953cf14187af9cb6fe7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

mpr

WNetAddConnection2A
WNetCancelConnection2A

kernel32

GetCurrentProcess
WideCharToMultiByte
GetVersion
GetModuleFileNameA
lstrlenA
GetProcAddress
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetComputerNameA
LoadLibraryExA
FormatMessageA
GetStdHandle
WriteFile
FreeLibrary
CreateFileA
CloseHandle
GetTickCount
Sleep
SetLastError
GetLastError
LocalAlloc
LoadLibraryA
LocalFree
GetModuleHandleA
SetFilePointer
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
ExitProcess
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
MultiByteToWideChar
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
SetHandleCount
GetFileSize
GetStartupInfoA
GetConsoleCP
RtlUnwind
FlushFileBuffers
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

SetWindowTextA
LoadCursorA
EndDialog
InflateRect
SendMessageA
GetSysColorBrush
GetDlgItem
DialogBoxIndirectParamA
wsprintfA
SetCursor

gdi32

GetDeviceCaps
StartDocA
StartPage
EndPage
EndDoc
SetMapMode

comdlg32

PrintDlgA

advapi32

MapGenericMask
EnumDependentServicesA
ChangeServiceConfigA
QueryServiceConfigA
QueryServiceObjectSecurity
GetSecurityDescriptorDacl
GetAce
LookupAccountSidA
EnumServicesStatusA
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
ControlService
OpenSCManagerA
OpenServiceA
StartServiceA
QueryServiceStatus
CloseServiceHandle
RegCreateKeyA
IsTextUnicode
RegSetValueExA
RegCloseKey

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj5
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj50
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj51
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj52
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj53
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj54
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj55
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj56
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj57
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj58
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj59
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAKS
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAHS
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

224469272e68953cf14187af9cb6fe7a

Headers

DLL Characteristics

File Characteristics

Imports

version

mpr

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.fhj5 Size: 512B - Virtual size: 180B

.fhj50 Size: 512B - Virtual size: 202B

.fhj51 Size: 512B - Virtual size: 176B

.fhj52 Size: 199KB - Virtual size: 198KB

.fhj53 Size: 199KB - Virtual size: 198KB

.fhj54 Size: 512B - Virtual size: 222B

.fhj55 Size: 512B - Virtual size: 222B

.fhj56 Size: 512B - Virtual size: 222B

.fhj57 Size: 512B - Virtual size: 222B

.fhj58 Size: 512B - Virtual size: 222B

.fhj59 Size: 512B - Virtual size: 222B

.1231 Size: 512B - Virtual size: 244B

.JAKS Size: 512B - Virtual size: 134B

.GAHS Size: 512B - Virtual size: 194B

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 512B - Virtual size: 290B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.fhj5
Size: 512B - Virtual size: 180B

.fhj50
Size: 512B - Virtual size: 202B

.fhj51
Size: 512B - Virtual size: 176B

.fhj52
Size: 199KB - Virtual size: 198KB

.fhj53
Size: 199KB - Virtual size: 198KB

.fhj54
Size: 512B - Virtual size: 222B

.fhj55
Size: 512B - Virtual size: 222B

.fhj56
Size: 512B - Virtual size: 222B

.fhj57
Size: 512B - Virtual size: 222B

.fhj58
Size: 512B - Virtual size: 222B

.fhj59
Size: 512B - Virtual size: 222B

.1231
Size: 512B - Virtual size: 244B

.JAKS
Size: 512B - Virtual size: 134B

.GAHS
Size: 512B - Virtual size: 194B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 512B - Virtual size: 290B