5f9d43d0bd9c74613834828b8481b242_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f9d43d0bd9c74613834828b8481b242_JaffaCakes118
Size

441KB
MD5

5f9d43d0bd9c74613834828b8481b242
SHA1

f5cb416642db7d82eca745789794e08db90324f2
SHA256

84ca9564f973a4c149093baa25148dfd971b5ee8109e62b197e249bcf50d12d9
SHA512

edcc90b46b58104213358b01502cecf61a015356b7ac1fc4f12e0e63ba01aec4e2021160903bf13d64729a07caf75fff4ec65b5aa6c7651581c652bfbc01386d
SSDEEP

6144:Mc0A9gtsrmFM6Wfmzu6SMd80ciT+fAwgX55XjJ4Rx2UHeTryfT3mTXy3:XB9Uxq6iJqTYe/jJYR+T2IXy3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f9d43d0bd9c74613834828b8481b242_JaffaCakes118

Files

5f9d43d0bd9c74613834828b8481b242_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48978774e757f591c6bc19cfda6b8b45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
CompareStringA
HeapCreate
GetTimeZoneInformation
EnumCalendarInfoW
GetTimeFormatA
LCMapStringW
EnterCriticalSection
GetCommandLineA
HeapAlloc
SetHandleCount
EnumSystemLocalesA
FreeEnvironmentStringsW
InterlockedIncrement
GetModuleHandleA
QueryPerformanceCounter
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetLocaleInfoA
GetSystemTimeAsFileTime
TlsSetValue
CompareStringW
RtlUnwind
GetStringTypeA
VirtualQuery
GetLastError
GetCPInfo
WideCharToMultiByte
DeleteCriticalSection
TlsFree
GetProfileStringA
HeapDestroy
GetOEMCP
MultiByteToWideChar
GetUserDefaultLCID
WriteFile
GetStringTypeW
IsValidLocale
SetConsoleCtrlHandler
GetVersionExA
OpenSemaphoreA
GetEnvironmentStrings
LeaveCriticalSection
GetStartupInfoA
SetEnvironmentVariableA
TerminateProcess
SetLastError
GetSystemInfo
HeapSize
GetEnvironmentStringsW
VirtualFree
GetProcAddress
TlsAlloc
InterlockedExchange
ExitProcess
HeapFree
GetFileType
InitializeCriticalSection
TlsGetValue
GetStdHandle
DebugBreak
HeapReAlloc
GetDateFormatA
GetLogicalDrives
IsBadWritePtr
GetACP
GetCurrentProcess
LCMapStringA
GetTickCount
VirtualProtect
LoadLibraryA
GetModuleFileNameA
VirtualAlloc
IsValidCodePage
EnumResourceTypesW
GetCurrentThread
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetLocaleInfoW

gdi32

GetTextFaceA
SetICMProfileA
CreateDIBPatternBrush
ScaleViewportExtEx
PolyBezier
SetMagicColors
GetGlyphOutlineW
SetColorSpace
EnumFontFamiliesExW
PolyPolygon

wininet

InternetSetCookieA
InternetReadFile

comdlg32

ReplaceTextW
ChooseColorA
ChooseFontA
GetOpenFileNameW

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48978774e757f591c6bc19cfda6b8b45

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

comdlg32

Sections

.text Size: 139KB - Virtual size: 138KB

.rdata Size: 7KB - Virtual size: 16KB

.data Size: 278KB - Virtual size: 278KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 139KB - Virtual size: 138KB

.rdata
Size: 7KB - Virtual size: 16KB

.data
Size: 278KB - Virtual size: 278KB

.rsrc
Size: 15KB - Virtual size: 15KB