b5752dd26f2691199603f6dcf9ada6b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5752dd26f2691199603f6dcf9ada6b2_JaffaCakes118
Size

136KB
MD5

b5752dd26f2691199603f6dcf9ada6b2
SHA1

d6cb727d6cda8455600ab30d871ba19ad5f2c621
SHA256

76f0311a8204b4730c81c6e0c8c024faefb39c009853a4e9afde12cd8729c5bb
SHA512

2616633576e701dd285c14b50b96b5420bb3de532dd4de504e11e92d528104b6a74316b7683c5386dfbadcd3da0faea38411c9d20aaa77271249703857bc3115
SSDEEP

3072:ZuDfGt8sYoK4IjO6y0HJqbtLpx7wS26LvFQmKlYLMlG6nnQj:2GGLZHgbtLnwB6LvFoOglG6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5752dd26f2691199603f6dcf9ada6b2_JaffaCakes118

Files

b5752dd26f2691199603f6dcf9ada6b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

65d23d7db8a86de3bbde41a31c7780ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

IsCharSpaceA
SHRegEnumUSKeyA
StrDupW
StrCmpNA
StrDupA

shell32

SHGetSpecialFolderPathA
SHCreateDirectoryExW

kernel32

GlobalMemoryStatus
SearchPathW
PeekNamedPipe
SetEndOfFile
SetEvent
GetCurrentThread
FindResourceExA
CopyFileW
GetNamedPipeInfo
GetBinaryTypeA
PulseEvent
ReleaseSemaphore
FindClose
_hwrite
FindAtomA
GetThreadPriority
WaitCommEvent
SetFileShortNameA
GetVersion
lstrcpyA
GetTempPathA
lstrcatW
lstrcmpiW
GetSystemInfo
lstrcmpiA
GetSystemTimeAdjustment
SetLocalTime
GetModuleHandleW
lstrlenA
FindResourceA
FileTimeToLocalFileTime
_lopen
GetLocalTime
FormatMessageA
CompareFileTime
SetThreadPriority

user32

IsCharAlphaNumericW
CharUpperA
MapDialogRect
SetActiveWindow
PrivateExtractIconsW
SetWindowPlacement
CharUpperBuffA
SetWindowPos
LookupIconIdFromDirectory
EndPaint
GetUpdateRgn
GetPropA
DeleteMenu
LoadCursorW
RemovePropA
SendMessageA
GetMenuItemInfoW
BeginPaint
GetDC
TranslateMessage
LoadAcceleratorsW
GetCursorInfo
InvalidateRect
EnumPropsA
PeekMessageW
TranslateAcceleratorA
DestroyCursor
EnableScrollBar
PostMessageA
DispatchMessageA
SetWindowTextA
ReleaseDC

gdi32

InvertRgn
CreateCompatibleBitmap
CreateDCW
DeleteDC
Polyline
GetSystemPaletteEntries
GetTextExtentPointA
SetBkColor
SetBoundsRect
CreateBitmapIndirect
GetObjectType
DeleteObject
ExcludeClipRect
GetCharWidthW
CreateDCA
LineDDA
PtVisible
OffsetClipRgn
CreateScalableFontResourceA
SetSystemPaletteUse

advapi32

ObjectCloseAuditAlarmW
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmA
IsValidSid

Exports

Exports

_Copy_Image@12
_Create_Image@12
_Set_Image@12
_Update_Image@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vars
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EXPORT
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65d23d7db8a86de3bbde41a31c7780ad

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.code Size: 4KB - Virtual size: 3KB

.vars Size: 512B - Virtual size: 504B

EXPORT Size: 512B - Virtual size: 155B

IMPORT Size: 3KB - Virtual size: 2KB

.rsrc Size: 118KB - Virtual size: 117KB

.reloc Size: 1024B - Virtual size: 604B

.text
Size: 8KB - Virtual size: 8KB

.code
Size: 4KB - Virtual size: 3KB

.vars
Size: 512B - Virtual size: 504B

EXPORT
Size: 512B - Virtual size: 155B

IMPORT
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 118KB - Virtual size: 117KB

.reloc
Size: 1024B - Virtual size: 604B