d5ae174242deb4c8aa7975092f5b3f8a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5ae174242deb4c8aa7975092f5b3f8a_JaffaCakes118
Size

1.7MB
MD5

d5ae174242deb4c8aa7975092f5b3f8a
SHA1

f7cc889bffeeea63de161692ddf4f4bbf598514e
SHA256

c99a4eedfab577958aeacad7f5312f8499c2f5bd560de8bf74d2b565c738e4f7
SHA512

80c69b6e806d44fa27216ec758c27954538904912772fdc135a4d6a036b17a50f9a3ab77bcf17e72f1a4fd21e3d5df603e34c0ff9f602d0fdf2d5f9377e124a8
SSDEEP

24576:4ERnKvKt9IsZUCnUE1OYNWKAcZJUP7e1zZv2q0ZMEQer28wYdHXEnCeswZfKUHQr:HnK+dus3OYW0Y9qTvhYB65ZfDHjbwzB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ae174242deb4c8aa7975092f5b3f8a_JaffaCakes118

Files

d5ae174242deb4c8aa7975092f5b3f8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47c089c66b5605ae8379746751d16b97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
_lclose
_lopen
_lcreat
lstrcpyA
GetProcAddress
LoadLibraryA
lstrlenA
GetWindowsDirectoryA
GlobalHandle
_lwrite
GetVersionExA
WinExec
_llseek
_lread
GlobalUnlock
GlobalFree
GlobalAlloc
SetErrorMode
GetModuleFileNameA
GlobalLock
GetLastError
GetCurrentProcess
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
WriteFile
DeleteFileA
GetEnvironmentStrings
FreeEnvironmentStringsW
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
VirtualFree
HeapCreate
VirtualAlloc
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetEnvironmentStringsW
GetVersion
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy

user32

ExitWindowsEx
MessageBoxA
LoadIconA
RegisterClassA
LoadCursorA
ShowWindow
UpdateWindow
SetWindowPos
wsprintfA
ReleaseDC
GetDC
PostQuitMessage
BeginPaint
EndPaint
DefWindowProcA
SendMessageA
InvalidateRect
GetClientRect
CreateWindowExA

gdi32

DeleteObject
GetStockObject
GetDeviceCaps
RealizePalette
SelectPalette
SelectObject
PatBlt
CreateSolidBrush
CreatePalette

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47c089c66b5605ae8379746751d16b97

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 1024B

.data Size: 5KB - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 1024B

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 2KB - Virtual size: 2KB