5f66a60f41555097a93f5d5e081ab5dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f66a60f41555097a93f5d5e081ab5dc_JaffaCakes118
Size

244KB
MD5

5f66a60f41555097a93f5d5e081ab5dc
SHA1

452243a44aa707c1ae67516ae3b5cd7282851662
SHA256

63731a86396a3947b7004498208d19659368386388d7dc95e810eaf52ba57408
SHA512

4d147d4b40e86caf02cd10e5244e325caf2c27c80f893af36b17ad978759acd42f4071fd06669799c9e2a155b31d0509ef8a737ef59106c271cd4fe9bd27b8f6
SSDEEP

6144:thWhTIrzlsgh1MHvZtdV5SqTt9Tr1rFFQNTBxqr05dj/eY:thUTmzlLh1GZR5lt9Tr1h2zqr0H7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f66a60f41555097a93f5d5e081ab5dc_JaffaCakes118

Files

5f66a60f41555097a93f5d5e081ab5dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d98cec0a35b615b0f516716f64f6b0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
GetLastError
VirtualAlloc
LocalReAlloc
FlushFileBuffers
OpenSemaphoreA
GetCurrentThreadId
GlobalLock
VirtualProtect
LocalLock
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetCurrentProcess
MoveFileA
GetFileType
LocalSize
CloseHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
TerminateThread
ResetEvent
Sleep
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetSystemInfo
GetACP
HeapFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount

user32

SetCursor
LoadAcceleratorsA
GetWindowRect
GetWindow
LoadIconA
LoadCursorA
GetDesktopWindow
GetDC
GetCursorPos
SetTimer
ReleaseDC
CreateIcon
IsIconic
SetCursorPos

gdi32

SelectObject
CreateHatchBrush

ole32

CoInitialize

psapi

EnumProcesses
GetWsChanges
GetModuleBaseNameA

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d98cec0a35b615b0f516716f64f6b0d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

psapi

ws2_32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 116KB - Virtual size: 112KB

.data Size: 12KB - Virtual size: 12KB

.tls Size: 4KB - Virtual size: 2KB

.rsrc Size: 88KB - Virtual size: 85KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 116KB - Virtual size: 112KB

.data
Size: 12KB - Virtual size: 12KB

.tls
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 88KB - Virtual size: 85KB