5fd92c64ea2251dc0a35442757f97029_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5fd92c64ea2251dc0a35442757f97029_JaffaCakes118
Size

214KB
MD5

5fd92c64ea2251dc0a35442757f97029
SHA1

eac33dcdc1130b110900354f918a67c79fbf7e68
SHA256

06f4148d42c5aea720165e2f3b1404b88ea34430dc949259f58be576ab406419
SHA512

1e203c8896233a17eb437c88188012d23368a096a9e18ee8dafa9fc97c1076b52f32cc3754e3e6527fc48d9668a0cd05992a56a151f7ebea5eed9ed2cbd022a4
SSDEEP

6144:v8VFcG1P7tkn0basxe3Ve6/gfcZc9+uoZdszM:0VFv5tk0basxWeEG0uKx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fd92c64ea2251dc0a35442757f97029_JaffaCakes118

Files

5fd92c64ea2251dc0a35442757f97029_JaffaCakes118
.exe windows:4 windows x86 arch:x86

571bae7b84537f841a8c3856feb7448b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyIcon
EmptyClipboard
EnableMenuItem
EnumWindows
GetClientRect
GetDC
GetDCEx
GetDlgItem
GetKeyState
GetParent
GetSubMenu
GetSystemMenu
GetTopWindow
GetWindowRect
InvalidateRect
IsWindowVisible
LoadBitmapA
OemToCharA
OffsetRect
SendDlgItemMessageA
SendMessageA
SetTimer
WaitMessage
WindowFromPoint
wsprintfA

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
ControlService
CryptCreateHash
FreeSid
GetUserNameA
InitiateSystemShutdownA
LookupPrivilegeValueW
RegCreateKeyExA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyW
RegQueryInfoKeyW
SetSecurityDescriptorOwner

gdi32

CreateDCA
CreateHalftonePalette
CreateICA
CreatePalette
EnumEnhMetaFile
GetBrushOrgEx
GetCurrentPositionEx
GetPaletteEntries
GetPixel
GetRgnBox
GetTextMetricsA
OffsetWindowOrgEx
PlayEnhMetaFile
SelectPalette
SetDIBits
SetStretchBltMode

ole32

CoCreateGuid
DoDragDrop
StgCreateDocfileOnILockBytes

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractAssociatedIconW
SHAddToRecentDocs
SHChangeNotify
SHFileOperationW
SHGetFolderLocation
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListW
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

kernel32

ExitProcess
ExpandEnvironmentStringsA
FindNextFileA
FreeEnvironmentStringsA
GetConsoleMode
GetFileSize
GetFileType
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemTime
GetUserDefaultLangID
GlobalAlloc
GlobalReAlloc
InterlockedDecrement
IsBadWritePtr
LeaveCriticalSection
LocalFree
RaiseException
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
TlsFree
UnmapViewOfFile
WritePrivateProfileStringA

comctl32

CreatePropertySheetPageA
ImageList_Create
ImageList_DragEnter
ImageList_DragLeave
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Read
ImageList_Remove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
InitCommonControls

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fE4iVXUh
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

571bae7b84537f841a8c3856feb7448b

Headers

File Characteristics

Imports

user32

advapi32

gdi32

ole32

shell32

kernel32

comctl32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

fE4iVXUh Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

fE4iVXUh
Size: 2KB - Virtual size: 120KB