Static task: static1
Behavioral task: behavioral1
Sample: b5c14fc025ebe88f8726e4eacf1ee7e0_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b5c14fc025ebe88f8726e4eacf1ee7e0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b5c14fc025ebe88f8726e4eacf1ee7e0_JaffaCakes118
Size: 434KB
MD5: b5c14fc025ebe88f8726e4eacf1ee7e0
SHA1: 36b045f32b0fa0a95b1f49b57f7ce94ebb5424e6
SHA256: 3a233365920e4f054de2148ba5da893b5743403a5b37961510183d9f1e9cd4b1
SHA512: 4ba4e1bffc30dcbbafd307b9a40a74607758d0616a03ab6ac371be236d303ecd0bc01c6b5d8928b905e1d55a2b1b3f516eb8c67e7e9e3adaab796314b64bd0e4
SSDEEP: 12288:xCw/vdSr8kzy5RzmqSfe8pGUeJVVW5JOD5:Pc1qSRDq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b5c14fc025ebe88f8726e4eacf1ee7e0_JaffaCakes118
Files
b5c14fc025ebe88f8726e4eacf1ee7e0_JaffaCakes118.exe windows:5 windows x86 arch:x86
d73b803107359bc6ff73304e5afa83d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
GetOEMCP
GetCommandLineA
GetVersionExA
GetTickCount
EnterCriticalSection
QueryPerformanceCounter
GetCommandLineW
SizeofResource
GetFileAttributesA
HeapReAlloc
GetModuleFileNameW
CreateDirectoryW
MultiByteToWideChar
ReadFile
TlsGetValue
CompareStringA
GetFileType
GlobalAlloc
GetEnvironmentStrings
SetStdHandle
FreeLibrary
GetLocaleInfoA
Sleep
FindCloseChangeNotification
GetFileSizeEx
WideCharToMultiByte
GetEnvironmentStringsW
HeapFree
VirtualAlloc
CompareStringW
GetTimeZoneInformation
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoW
HeapSize
RtlUnwind
GetACP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
SetConsoleCtrlHandler
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FatalAppExitA
LeaveCriticalSection
GetSystemTimeAsFileTime
SetEnvironmentVariableA
VirtualFree
GetProcessHeap
HeapCreate
HeapDestroy
HeapAlloc
GetStartupInfoA
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetLastError
SetHandleCount
DeleteCriticalSection
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
user32
TranslateMessage
MessageBoxW
GetCursorPos
GetClientRect
GetMenuItemCount
InvalidateRect
BeginPaint
GetWindowTextLengthA
SetRectEmpty
GetWindowPlacement
GetWindowTextW
DestroyWindow
SetForegroundWindow
ReleaseDC
ShowWindow
IsWindowEnabled
GetWindowTextA
EnableWindow
EndDialog
SendMessageA
GetWindowLongW
LoadStringW
GetParent
SetTimer
GetSystemMetrics
MessageBoxA
GetWindowDC
shell32
SHGetIconOverlayIndexA
iphlpapi
DeleteIpForwardEntry
scarddlg
ord4
Sections
.text Size: 409KB - Virtual size: 408KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ