d5d7950ecaf8a48752d39829e67d673c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5d7950ecaf8a48752d39829e67d673c_JaffaCakes118
Size

122KB
MD5

d5d7950ecaf8a48752d39829e67d673c
SHA1

e455aa11226e6253b01c739e381d356c171d0f2b
SHA256

1defae4edb9d69fa4eb84a3b4f012c5106647a21c62db628527d75457f75718e
SHA512

77fa630e6b1971d3a76537813a3b2c75041033cbb30868bb67521a99ac971c7f5c553c9b48af23b9a7b53dc21165c6145c354523433e0ae7110b8cd653963b6f
SSDEEP

3072:olfUCc0W8qkksQ0Me/bCmR4uoCabZjKfXX3MNP1Du:aUCcJ/kksQe/Go4fFm/X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5d7950ecaf8a48752d39829e67d673c_JaffaCakes118

Files

d5d7950ecaf8a48752d39829e67d673c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64aec5f2454d2015f934ea65bd47377c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ord195
ord196
DuplicateIcon
DoEnvironmentSubstA

shlwapi

StrChrA

kernel32

FindResourceW
LoadResource
SleepEx
WaitForSingleObjectEx
GetTickCount
WaitForMultipleObjectsEx
ReadFile
GetModuleFileNameW
CreateFileW
FindFirstFileExA
GetLastError
CreateFileMappingW
HeapWalk
EnumResourceTypesW
GetModuleHandleA
FindResourceExW
SetFileAttributesW
ExitProcess
CloseHandle

user32

DestroyCursor
InvalidateRect
BeginPaint
GetSubMenu
CreateIconFromResource
TabbedTextOutW
SetSystemCursor
DestroyWindow
EndPaint
LoadBitmapW
ShowWindow
EnumThreadWindows
SetClipboardViewer
DrawTextA
SetDlgItemTextA
GetClipboardViewer

gdi32

GetBitmapBits
DeleteDC
SetDIBColorTable
CreateHalftonePalette
GetBitmapDimensionEx
DeleteObject
SelectObject
PtInRegion
GetFontUnicodeRanges
GetColorAdjustment
CreateRectRgn
SetTextAlign
EndDoc
CreateDiscardableBitmap
AbortDoc
CreateCompatibleDC
GetGlyphIndicesA

ole32

CoTaskMemFree
CoTaskMemAlloc
GetConvertStg
CoInitialize
CreateStreamOnHGlobal
CoUninitialize

ntdll

_chkstk

Exports

Exports

?FdsgfdjgfFhgdfyd@@YGKK@Z
?UyfudfhGjdjfd@@YGKKKK@Z
?WHfdjgfdGjfdfd@@YGKKK@Z

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.export
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64aec5f2454d2015f934ea65bd47377c

Headers

File Characteristics

Imports

shell32

shlwapi

kernel32

user32

gdi32

ole32

ntdll

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 363B

.export Size: 512B - Virtual size: 158B

.import Size: 2KB - Virtual size: 1KB

.rsrc Size: 112KB - Virtual size: 111KB

.reloc Size: 512B - Virtual size: 368B

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 363B

.export
Size: 512B - Virtual size: 158B

.import
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 112KB - Virtual size: 111KB

.reloc
Size: 512B - Virtual size: 368B