d5b891e8fa3d912488268cac8a7c5523_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5b891e8fa3d912488268cac8a7c5523_JaffaCakes118
Size

458KB
MD5

d5b891e8fa3d912488268cac8a7c5523
SHA1

02834437f4ee2b8209d3819823a99ab8dd4ce99c
SHA256

31d96bb50a30ce1c50c30cca16ea665db1f8dfcb295e5e8e41df62d7dabe4d87
SHA512

20909ab8da951fe414783db4e0d20ac1b985268a401c8f0166b3c4e97ee04c506d730819f9902db66516157f5b56c24df665f5a0b2cfd41dd83865a5d0c0e724
SSDEEP

12288:n0CIA8kay0seEhlGQjvf1GBRMdBYMWU7AJbBH8:n0CIBkay0sergf1G8eQAJbV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5b891e8fa3d912488268cac8a7c5523_JaffaCakes118

Files

d5b891e8fa3d912488268cac8a7c5523_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11a0c94a43f3a7a516f3807feace7a4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

DdeSetQualityOfService
GetMenuStringW
GetInputState
BroadcastSystemMessageW
SetClassWord
CallWindowProcA
InSendMessageEx
FillRect
RegisterClassExA
RegisterClassA
IsMenu
CreateIconFromResourceEx
ModifyMenuA
EnumPropsExW
GetDlgItemInt
DdeFreeDataHandle
DdeUninitialize
GetUserObjectSecurity
TranslateAccelerator
DefMDIChildProcA
CharUpperW
GetDCEx
TileWindows
DeleteMenu
SendInput

kernel32

CompareStringW
GetEnvironmentStrings
WaitNamedPipeW
TlsFree
GetStringTypeA
GetProcessHeaps
HeapCreate
GetCommandLineA
GetModuleFileNameA
GetPrivateProfileStructA
FreeEnvironmentStringsA
GetCurrentProcessId
GetVersion
DeleteCriticalSection
GetLastError
TlsGetValue
ContinueDebugEvent
VirtualQuery
GetStringTypeW
VirtualAlloc
HeapFree
FlushFileBuffers
TlsAlloc
SetEnvironmentVariableA
GetStdHandle
WriteProfileSectionW
OpenMutexA
GetModuleFileNameW
CreateFileW
CreateMutexA
GetCurrentProcess
RtlFillMemory
LCMapStringA
GetCurrentThreadId
GetStartupInfoW
FindNextChangeNotification
ReadConsoleInputW
RtlUnwind
GetCPInfo
CompareStringA
SetLastError
LeaveCriticalSection
GetCommandLineW
GetTimeZoneInformation
TlsSetValue
LoadLibraryA
HeapAlloc
WriteFile
GetSystemTimeAsFileTime
HeapDestroy
InterlockedExchange
GetModuleHandleA
GetFileType
VirtualFree
SetFilePointer
HeapReAlloc
GetEnvironmentStringsW
CloseHandle
IsBadWritePtr
WideCharToMultiByte
GetTickCount
WriteConsoleA
ReadFile
ExitProcess
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
GetProfileIntW
GetProcAddress
SetStdHandle
SetHandleCount
FindResourceExW
LCMapStringW
GetProcAddress
UnhandledExceptionFilter
GetSystemTime
FindNextFileA
FreeEnvironmentStringsW
GetLocalTime
EnterCriticalSection
GetStartupInfoA
QueryPerformanceCounter
MultiByteToWideChar
GetCurrentThread
TerminateProcess

advapi32

StartServiceW
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
LookupAccountNameA
RegQueryInfoKeyW
CryptDeriveKey
RegQueryValueW
CryptContextAddRef
RegOpenKeyExW
LogonUserW
RegEnumKeyW
CreateServiceW
StartServiceA
RevertToSelf
InitiateSystemShutdownA
RegSetKeySecurity
LookupPrivilegeValueA
CryptEnumProvidersW
RegSaveKeyA
CryptVerifySignatureW
ReportEventA

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11a0c94a43f3a7a516f3807feace7a4e

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 5KB - Virtual size: 14KB

.data Size: 310KB - Virtual size: 310KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 5KB - Virtual size: 14KB

.data
Size: 310KB - Virtual size: 310KB

.rsrc
Size: 4KB - Virtual size: 4KB