f5005fd03d510702dde2da9cb0a5bdfc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5005fd03d510702dde2da9cb0a5bdfc_JaffaCakes118
Size

169KB
MD5

f5005fd03d510702dde2da9cb0a5bdfc
SHA1

5ccf443573acdc83a155ee8c7fb3b7950322ac42
SHA256

31cf05254dcd95ae1a23f2a85e8d6723192872f9492272e9dd58bd1519af6911
SHA512

9127094953e2ba88413c7a31d4287182fbcaa6c1ab56536588bde55cb5c270ab94e196a328441bc111c276f04e9a35167aab3d8c08b8fdcab6921b75afc43c36
SSDEEP

3072:fHjLrcTcUDCuWBvkc2aD7QBjZ/wJgLU5Nd+zRLiQvj1SA30MPRzpPaUmZDke:PQTcU2XBvR1gBjqJgoUNiQvBSA37+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5005fd03d510702dde2da9cb0a5bdfc_JaffaCakes118

Files

f5005fd03d510702dde2da9cb0a5bdfc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f13958fff67cda0f76bd83f277f7bcf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
CloseServiceHandle
GetSecurityDescriptorControl
GetUserNameA
LockServiceDatabase
LookupPrivilegeValueA
QueryServiceStatus
RegEnumValueA
RegFlushKey
RegOpenKeyA
RegQueryInfoKeyA
RegQueryValueA

kernel32

AddAtomA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeLibrary
GetCPInfo
GetComputerNameA
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetFileTime
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalLock
HeapDestroy
HeapFree
HeapSize
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
IsBadWritePtr
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFree
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReleaseMutex
RemoveDirectoryA
ResumeThread
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcatA
lstrcmpiA

ole32

CLSIDFromProgID
CoInitialize
CoMarshalInterThreadInterfaceInStream
PropVariantClear

user32

CreateWindowExA
DefWindowProcA
DestroyIcon
DialogBoxParamA
DrawFocusRect
FindWindowA
GetClassNameA
GetClientRect
GetDC
GetDlgCtrlID
GetMessageA
GetSubMenu
GetSysColor
GetWindowTextA
IsIconic
IsWindow
LoadCursorA
MessageBoxA
PeekMessageA
PostQuitMessage
RegisterClassA
RegisterClipboardFormatA
SetDlgItemTextA
SetRect
SetWindowLongA
SetWindowPos
SetWindowRgn
TranslateMessage
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: - Virtual size: 272KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f13958fff67cda0f76bd83f277f7bcf8

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

.text Size: - Virtual size: 272KB

.data Size: 167KB - Virtual size: 168KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 272KB

.data
Size: 167KB - Virtual size: 168KB

.rsrc
Size: 1KB - Virtual size: 1KB