d5c4dfcfdf6c3724627402f1ef61e4d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5c4dfcfdf6c3724627402f1ef61e4d2_JaffaCakes118
Size

327KB
MD5

d5c4dfcfdf6c3724627402f1ef61e4d2
SHA1

b6cf39a02d482ef69097559e77e12a1a20a81e6b
SHA256

444bb5ec1c36fc25541c9c3ef8d552c9d46059bf330651a33904ed24cf8aae08
SHA512

6fffd1a503557850ece534536f9138aeac9cedc7dedff1ea320dcd9507246f29d92fb652d74fe5fe57f72a2b1394e62396f6ccb297132aefc547394e1fb9d5cf
SSDEEP

6144:1xUKLVQrxsx5lNaIOiD4glnDuVyjAH2CBtH3fypbxnkXr6s9cG9:1qKxQrE5XaIl4glnD3jHctPKbxe3f9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5c4dfcfdf6c3724627402f1ef61e4d2_JaffaCakes118

Files

d5c4dfcfdf6c3724627402f1ef61e4d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab2703d4647170ff7b5a4f05d59a1015

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageW
EnumWindowStationsA
ScreenToClient
CreateWindowExW
GetWindowLongW
CharNextW
GetParent
SetTimer
GetClientRect
KillTimer
LoadImageW
DestroyWindow
TranslateAcceleratorW
GetDlgItem
SetWindowLongW
SetDlgItemTextW
MoveWindow
SetFocus
InvalidateRect
CallWindowProcW

kernel32

OutputDebugStringA
GetModuleFileNameW
GlobalUnlock
DeleteCriticalSection
LCMapStringW
UnmapViewOfFile
GetComputerNameExW
GetConsoleCP
LCMapStringA
EnumUILanguagesW
MultiByteToWideChar
GetLocaleInfoA
FlushFileBuffers
lstrcmpiW
InterlockedIncrement
LocalFree
GetThreadPriorityBoost
MapViewOfFile
GetLastError
GetLocaleInfoW
FindResourceW
UnhandledExceptionFilter
GlobalAlloc
GetCurrentThreadId
GetACP
GetConsoleOutputCP
GetStringTypeW
InitializeCriticalSection
GetCurrentProcess
LockResource
WriteFile
FlushInstructionCache
SetStdHandle
LoadLibraryW
CreateFileMappingW
WriteConsoleA
FreeLibrary
ExitProcess
GetVersionExW
GetModuleHandleW
InterlockedDecrement
LoadLibraryExA
SearchPathW
InterlockedExchange
LoadResource
WriteConsoleW
MulDiv
LeaveCriticalSection
WideCharToMultiByte
GlobalFree
LoadLibraryExW
GlobalLock
InitializeCriticalSectionAndSpinCount
CreateFileA
GetSystemDefaultUILanguage
Sleep
SetUnhandledExceptionFilter
GetCPInfo
CreateFileW
SizeofResource
SetFilePointer
GetConsoleMode
GetStringTypeA
FindResourceExW
GetProcAddress
RaiseException
lstrlenW
FormatMessageW
EnterCriticalSection
GetOEMCP
SetLastError
lstrcmpW
HeapAlloc

msimg32

TransparentBlt

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab2703d4647170ff7b5a4f05d59a1015

Headers

File Characteristics

Imports

user32

kernel32

msimg32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 128KB - Virtual size: 128KB

.edata Size: 5KB - Virtual size: 76KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 128KB - Virtual size: 128KB

.edata
Size: 5KB - Virtual size: 76KB