5f403ab6fb2f2fa9db8a41d9bb030339_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f403ab6fb2f2fa9db8a41d9bb030339_JaffaCakes118
Size

572KB
MD5

5f403ab6fb2f2fa9db8a41d9bb030339
SHA1

2178407cd52f5c397dc4a0cf3535f6c04cf2b963
SHA256

fc5ec8411d5a58eae580209bf935e9e51c7b01c48b8a528e6feb82dcd3f3b069
SHA512

750243d1d32ee68533edcbbf87bc475f9449202f6e9cf9a071ef875c3b27a26d7fbf773eb431bd0d82a752c5e590e6c06c7720e1ea8bd71eb56cba836d12530c
SSDEEP

12288:tR3cHZTAKjv9xmS9OnD1aKQCRD8Bz5fP2uqqCuClBezBI8Zwl8XIp8TwVhGtxkr:tR3MJAKhxmSvP1z5fP2uzC7lBe1R9IpJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f403ab6fb2f2fa9db8a41d9bb030339_JaffaCakes118

Files

5f403ab6fb2f2fa9db8a41d9bb030339_JaffaCakes118
.exe windows:5 windows x86 arch:x86

32fc444a94d88767499f5f5a0f38139e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetEnvironmentVariableA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
GetVersion
TlsFree
SetUnhandledExceptionFilter
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
CreateFileA
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
SetEvent
GetStringTypeW
HeapReAlloc
SetStdHandle
WriteFile
InterlockedExchange
GetSystemTimeAsFileTime
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoW
FreeEnvironmentStringsW
LoadLibraryExW
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
HeapDestroy
LockResource
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RtlUnwind
GetModuleHandleA
ReadFile
FindFirstFileA
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
HeapCreate
Sleep
VirtualFree
FindResourceA
VirtualAlloc
WriteConsoleA
GetOEMCP

gdi32

BitBlt
GetDeviceCaps
DeleteDC
GetStockObject
SetTextColor
CreateCompatibleDC
SelectObject
SetBkMode
SetBkColor

advapi32

RegQueryValueExA
RegQueryValueExW
RegCloseKey

user32

SetCursor
GetClientRect
SendMessageA
InvalidateRect
SystemParametersInfoA
GetSysColor
MessageBoxA
MoveWindow
FillRect
MessageBeep
EndDialog
SetForegroundWindow
TrackPopupMenu
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
SetWindowTextA
SetWindowLongA
ReleaseCapture
PostMessageA
GetWindowRect
GetSystemMetrics
BeginPaint
SetFocus
EndPaint
SetTimer
GetWindowLongA
RegisterClassA
IsIconic
LoadStringA
GetWindow
IsWindowEnabled
SetWindowPos
PeekMessageA
EnableWindow
ShowWindow
DefWindowProcA
UpdateWindow
GetParent
GetMessageA
DestroyWindow
ClientToScreen
TranslateMessage
ReleaseDC
GetDC
DispatchMessageA
IsWindow
LoadBitmapA
MapWindowPoints

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 540KB - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32fc444a94d88767499f5f5a0f38139e

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

user32

Sections

.text Size: 24KB - Virtual size: 21KB

.data Size: 540KB - Virtual size: 537KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.data
Size: 540KB - Virtual size: 537KB

.rsrc
Size: 4KB - Virtual size: 3KB