f5950195f4a58a58aa9c325d8d5866e5_JaffaCakes118

General

Target

f5950195f4a58a58aa9c325d8d5866e5_JaffaCakes118
Size

408KB
MD5

f5950195f4a58a58aa9c325d8d5866e5
SHA1

48364ec1ba12f67cda83f762f03b04c689a4a658
SHA256

11d663f5f4135f614df077803224e0a97149c91ac51f8e6d51c1c0d39063c98a
SHA512

0725abf3f8176a1119d9da5c251531277782c00a202675dcb953cc7e3490cf57e9807de5c9377a1fce9559881799e246d126883b9818dc90dca657e14d740e42
SSDEEP

12288:k4vX0ghfVen/HeQ5ab/qyg4wZS3W5BaOQQSqHMOPRXfTAVVJqG:Hv0Y4GmM9gV5sOQQSePJCVJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5950195f4a58a58aa9c325d8d5866e5_JaffaCakes118

Files

f5950195f4a58a58aa9c325d8d5866e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b1450916132e88c80cb15d676e184fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
SetSystemTime
WaitForMultipleObjectsEx
VirtualAllocEx
QueryPerformanceCounter
GlobalAddAtomA
HeapAlloc
LoadLibraryA
GetFileAttributesW
ExitProcess
GetConsoleCursorInfo
EnumCalendarInfoW
EnumCalendarInfoExW
GetSystemTimeAsFileTime
InterlockedExchange
GetTickCount
FlushInstructionCache
GetModuleHandleA
SetEvent
WritePrivateProfileStructA
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
GetShortPathNameA
GetCurrentThreadId
VirtualAlloc
FindResourceExA
GetProcAddress
FindFirstFileExA
GetCurrentProcess
HeapFree
OpenFileMappingW
lstrcpynW
lstrcmp
GetCurrentProcessId
VirtualQuery
GetThreadPriority

advapi32

CryptEnumProvidersA
RegQueryInfoKeyW
RegCloseKey
CreateServiceA
RegDeleteValueW
CryptAcquireContextW
CryptCreateHash
StartServiceW
CryptGetProvParam
RegEnumKeyExW
RegDeleteKeyA
LookupPrivilegeDisplayNameW
RegRestoreKeyA
LookupSecurityDescriptorPartsA
LookupAccountSidA

comdlg32

PrintDlgA
GetOpenFileNameA
FindTextA
PrintDlgW
ChooseFontW
PageSetupDlgW
GetFileTitleW
ChooseFontA
ReplaceTextA
ReplaceTextW
LoadAlterBitmap
GetSaveFileNameA
PageSetupDlgA

user32

CloseDesktop
PeekMessageW
SendMessageA
UpdateWindow
SetCapture
GetUserObjectSecurity
DdeQueryNextServer
SetCursorPos
GetSysColor
GetKeyboardType
ClipCursor

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b1450916132e88c80cb15d676e184fc

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

user32

Sections

.text Size: 135KB - Virtual size: 135KB

.data Size: 265KB - Virtual size: 264KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 135KB - Virtual size: 135KB

.data
Size: 265KB - Virtual size: 264KB

.rsrc
Size: 7KB - Virtual size: 6KB