5fb949ba83463d4e0d1bd4a97e0565cc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5fb949ba83463d4e0d1bd4a97e0565cc_JaffaCakes118
Size

328KB
MD5

5fb949ba83463d4e0d1bd4a97e0565cc
SHA1

17d8cfd7e2430b9f41f771d3f8e6895da0bd213b
SHA256

83ab0e632ed6a27dac4240ed2a4bc7dc59063cd4c399c7e661283579070107c6
SHA512

b2a0cedc4b0964b35004e1e93a95a0220db8c2f0ae24c73fd3b7aeaeb218286f98956ae9e6a2af73828314f12c61ff6cbb61455785a7cde721db8ef8fbaf1d1c
SSDEEP

6144:2vHTbnUcT+eNrI7DfpNsGscL6j4XrOtvcVhHO7/IerxRo7vU:2vzbnUreADjvkE7OtvchI1c7vU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fb949ba83463d4e0d1bd4a97e0565cc_JaffaCakes118

Files

5fb949ba83463d4e0d1bd4a97e0565cc_JaffaCakes118
.exe windows:0 windows x86 arch:x86

e88f31be67db1d6f5f26409cf20faaa1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

EraseTape
GetTickCount
EnterCriticalSection
GetUserDefaultLCID
GlobalAlloc
FindNextVolumeMountPointW
SetFileTime
CreateHardLinkW
GetModuleFileNameW
CreateFileW
HeapAlloc
VerSetConditionMask
MoveFileExW
LocalFree
CloseHandle
SystemTimeToFileTime
GetVolumeNameForVolumeMountPointW
LeaveCriticalSection
GetWindowsDirectoryW
CloseHandle
DeviceIoControl
VirtualFree
GetLogicalDriveStringsW
LockFile
GetCurrentProcess
GetCurrentThread
FileTimeToSystemTime
UnhandledExceptionFilter
GetVersionExA
SetPriorityClass
GetDateFormatW
CreateMutexW
VirtualAlloc
SetTapeParameters
SetCurrentDirectoryW
ReleaseSemaphore
DeleteFileW
GetCurrentProcessId
HeapFree
PrepareTape
FindClose
InitializeCriticalSection
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
GetTapePosition
WriteFile
CreateSemaphoreW
BackupRead
WideCharToMultiByte
GetTimeFormatW
GetFileInformationByHandle
SetFilePointer
CompareStringW
GetPriorityClass
GetFileAttributesW
ReleaseMutex
FindVolumeMountPointClose
SetFileShortNameW
GetTapeParameters
GetCurrentThreadId
FindFirstFileW

msorcl32

SQLColumns
SQLDescribeCol
SQLFreeConnect
SQLFreeStmt
SQLExecute
SQLForeignKeys
SQLSetCursorName
SQLBindCol
ConfigDSN
SQLSetScrollOptions
SQLPutData
SQLAllocEnv
SQLFreeEnv
SQLGetInfo
SQLDescribeParam
SQLNumParams
SQLPrepare
SQLFetch
SQLProcedures
SQLColAttributes
SQLGetCursorName
SQLSetStmtOption
SQLBrowseConnect
SQLStatistics
SQLExecDirect
DllRegisterServer
SQLRowCount

mscms

GetNamedProfileInfo
GetStandardColorSpaceProfileA
InternalGetPS2CSAFromLCS
GetColorProfileElementTag
UnregisterCMMA
EnumColorProfilesA
CheckBitmapBits
GetPS2ColorRenderingIntent
GetColorProfileHeader
CreateProfileFromLogColorSpaceA
InternalGetDeviceConfig
InternalGetPS2ColorSpaceArray
SetStandardColorSpaceProfileA
GetCMMInfo
SpoolerCopyFileEvent
SetColorProfileElementReference
GetPS2ColorSpaceArray
DeleteColorTransform
DisassociateColorProfileFromDeviceW
CreateColorTransformA
CreateColorTransformW
CheckColors
AssociateColorProfileWithDeviceW
RegisterCMMA
GetPS2ColorRenderingDictionary

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e88f31be67db1d6f5f26409cf20faaa1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msorcl32

mscms

Sections

.text Size: 196KB - Virtual size: 196KB

.data Size: 33KB - Virtual size: 33KB

.rsrc Size: 97KB - Virtual size: 608KB

.text
Size: 196KB - Virtual size: 196KB

.data
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 97KB - Virtual size: 608KB