5f5367638d0e8389960ff29c2a19bb66_JaffaCakes118

General

Target

5f5367638d0e8389960ff29c2a19bb66_JaffaCakes118
Size

32KB
MD5

5f5367638d0e8389960ff29c2a19bb66
SHA1

2fdfc73c5c271db904da3f149acec891cdab95a3
SHA256

23ed526a9e4bbbe7d8ed26f99208c9bc572a9d276226bebd83be8215bcbe72e8
SHA512

89b6d1d9c2f388fe26fba53bc73f81999975524c551025aaa245b5344c750b2bc9e00559326e1598e319a17b86e33bf478bdec7915004b5469c1e18bfbd3b778
SSDEEP

384:dZ3uCWGZvhcJyenS3wH+EZ2N3BhzQ+1uHaivoqOMyxTZO9c2QRGNdXq1iQhpZk3G:ddjWysyBuI3nQ0W7gnFm9cvzi4pZkLD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f5367638d0e8389960ff29c2a19bb66_JaffaCakes118

Files

5f5367638d0e8389960ff29c2a19bb66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

154d8295d4bc54aff1edafd6c660a3ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
FindWindowA

kernel32

GetModuleFileNameA
GetSystemDirectoryA
GetTempPathA
GlobalAlloc
GlobalFree
LoadResource
LockResource
MapViewOfFile
GetFileSize
ReadFile
RtlZeroMemory
SizeofResource
ExitProcess
WriteFile
lstrcatA
lstrcpyA
lstrlenA
GetCurrentDirectoryA
FindResourceA
OutputDebugStringA
FindFirstFileA
WriteProcessMemory
CreateRemoteThread
Module32Next
Thread32First
LoadLibraryA
TerminateThread
Thread32Next
OpenProcess
DeleteFileA
CreateFileMappingA
CreateFileA
CopyFileA
CloseHandle
Module32First
Process32First
CreateToolhelp32Snapshot
UnmapViewOfFile
lstrcmpiA
GetVersionExA
GetCurrentProcess
GetProcAddress
GetModuleHandleA
Process32Next
VirtualAllocEx

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

oleaut32

SysAllocStringByteLen
SysFreeString

shell32

ShellExecuteA

wininet

InternetOpenUrlA
InternetOpenA

msvcrt

_stricmp
_local_unwind2
_except_handler3
strrchr
fopen
ftell
fseek
fclose
printf

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

154d8295d4bc54aff1edafd6c660a3ff

Headers

File Characteristics

Imports

user32

kernel32

advapi32

oleaut32

shell32

wininet

msvcrt

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 20KB - Virtual size: 20KB