5f8a8e1ee75431990541e7a34b8d6545_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5f8a8e1ee75431990541e7a34b8d6545_JaffaCakes118
Size

966KB
MD5

5f8a8e1ee75431990541e7a34b8d6545
SHA1

a336ac2af82dcf71ce141a8b2696a7a0f9a21eb6
SHA256

5d0788be22e811273d4b4b914a81bd6374ec45469b61901f94fdbc4a4a73653a
SHA512

2be0e33a6752ab011f42d3cd05feed1e92e7a1d5cf219492243cbb446a57d3ef3db81ff22b869fd86c5f83658fd3d955273536856c853a88d3fc9b40acd5714b
SSDEEP

24576:3f1lLY+UKbQXNrWHxwssGPAYRQs/kl5M9Ib708A:3f1G+UKkKpjPAkb/kXMFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f8a8e1ee75431990541e7a34b8d6545_JaffaCakes118

Files

5f8a8e1ee75431990541e7a34b8d6545_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97b181fe8d26f2f0713057294ec60bbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetFileAttributesExA
Beep
GetConsoleCursorInfo
LocalSize
SwitchToFiber
ReleaseMutex
SetSystemTime
GetLongPathNameA
GetBinaryTypeW
ClearCommBreak
CopyFileExW
GetConsoleMode
TlsGetValue
WritePrivateProfileStructA
GlobalFlags
IsBadWritePtr
ExpandEnvironmentStringsW
GlobalAddAtomW
CreateDirectoryA
GetTapeStatus
VirtualQueryEx
SetConsoleCursorPosition
GetBinaryTypeA
CreateMutexA
GlobalFindAtomW
ExitProcess
GlobalGetAtomNameW
SetEnvironmentVariableA
SetThreadLocale
lstrcmpA
FindFirstFileExW
IsBadReadPtr
GlobalFindAtomA
FormatMessageW
FindFirstFileA
FindCloseChangeNotification
RemoveDirectoryW
SetEndOfFile
CreateWaitableTimerA
GetSystemDirectoryW
GetDriveTypeW
ReleaseSemaphore
GetUserDefaultLCID
FreeLibraryAndExitThread
SearchPathW
GetCurrentDirectoryW
OutputDebugStringA
GetFileType
LocalReAlloc
WaitNamedPipeA
GetProcessHeap
VirtualLock
TryEnterCriticalSection
IsProcessorFeaturePresent
DeleteFiber
GetNumberFormatW
GetThreadPriority
GetDriveTypeA
EnumResourceNamesA
VirtualAllocEx
GetFileAttributesA
OpenMutexA
SetMailslotInfo
GetLocaleInfoW
PeekConsoleInputW
FreeResource

user32

SystemParametersInfoW
SetWindowsHookExW
LoadBitmapW
SwitchToThisWindow
LoadMenuW
SetProcessWindowStation
EnumWindowStationsA
GetClassNameA
EndPaint
EnableMenuItem
SetProcessDefaultLayout
IsMenu
GetDlgItemTextA
CreateMDIWindowW
UnregisterDeviceNotification
GetWindowTextLengthW
MapWindowPoints
InsertMenuItemW
GetScrollInfo
SendNotifyMessageW
DispatchMessageA
CreateCaret
SetClipboardData
GetWindowTextA
SetPropW
SwitchDesktop
CallNextHookEx
SendMessageTimeoutW
SendMessageA
CountClipboardFormats
keybd_event
IsCharLowerW
PtInRect
CheckMenuItem
ShowCursor
CallWindowProcW
GetWindowPlacement
EnableWindow
SetRectEmpty
HiliteMenuItem
SetWinEventHook
CharToOemBuffA
CreatePopupMenu
SetWindowTextA
LoadIconA
GetClientRect
GetPropA
GetActiveWindow
CheckDlgButton
GetSystemMetrics
GetCursorPos
TranslateAcceleratorW
DispatchMessageW
CreateDesktopA
CharUpperA
MessageBoxIndirectW
GetWindowInfo
GetGuiResources
BeginDeferWindowPos
MonitorFromRect
CreateDialogIndirectParamA
CopyAcceleratorTableW
GetTabbedTextExtentW
GetTopWindow
GetKeyboardLayoutNameA
PeekMessageW

gdi32

GetEnhMetaFilePaletteEntries
RectInRegion
SetBkMode
CopyMetaFileW
Rectangle
SetRectRgn
Polygon
RealizePalette
GetStretchBltMode
CreateFontIndirectW
SetPolyFillMode
ExtEscape
ChoosePixelFormat
ExtTextOutW
CloseFigure
ExtCreateRegion

advapi32

RegLoadKeyA
RegisterServiceCtrlHandlerW
RegDeleteValueA
ImpersonateNamedPipeClient
CryptVerifySignatureA
RegQueryValueW
RevertToSelf
BuildTrusteeWithNameW
SetTokenInformation
RegSetValueA
CopySid
RegOpenKeyW
RegOpenKeyExA
AbortSystemShutdownA
GetFileSecurityA
AdjustTokenPrivileges
RegDeleteValueW
CryptHashData
CryptDecrypt
LookupPrivilegeValueA
EnumDependentServicesW
RegCreateKeyExW
CryptReleaseContext

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
Shell_NotifyIconA
SHLoadInProc
FindExecutableW

ole32

OleCreate
CoInitializeEx
ReadClassStm
OleGetIconOfClass
CoMarshalInterThreadInterfaceInStream
OleCreateFromData
OleBuildVersion

oleaut32

SafeArrayRedim
SafeArrayGetElement
SafeArrayCreate
SysStringLen

comctl32

ImageList_BeginDrag
_TrackMouseEvent
ImageList_GetIconSize

shlwapi

PathAppendW
SHStrDupW
PathCanonicalizeW
ChrCmpIW
PathRelativePathToW
PathCanonicalizeA
SHRegCloseUSKey
PathIsURLW
PathFindFileNameW
SHRegGetUSValueW
StrToIntExW
PathAppendA
StrFormatByteSize64A
StrStrIA
UrlCombineW
PathStripToRootA
PathAddBackslashA
StrStrW
AssocQueryStringW

Sections

.text
Size: 11KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 611KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97b181fe8d26f2f0713057294ec60bbc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 11KB - Virtual size: 228KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 611KB - Virtual size: 611KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 11KB - Virtual size: 228KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 611KB - Virtual size: 611KB

.rsrc
Size: 17KB - Virtual size: 16KB