f5962d64a5fc7cfaef2a2bae65e31e8e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5962d64a5fc7cfaef2a2bae65e31e8e_JaffaCakes118
Size

268KB
MD5

f5962d64a5fc7cfaef2a2bae65e31e8e
SHA1

bec37bea360230a3b30ffc85a2faa62ae063e90b
SHA256

1718911221f1038b6e586bf23328476f315a0820a614aceacf4df6676238c883
SHA512

4d0b476ef4f9f787ab88ea23e8ccf961aa4ff1cc7b8d60b8b4dbea9a12b57051aded8b8710105402555886e3e6e29e859b876cebe76736f10b4a68b0d9563abf
SSDEEP

6144:7WXreNuCgQL0zir3dBQd130y9ZT8XrQ+mDgwkSbRUaxlePzQQG0m7iF:7SreNvBQdJ0A58XrQcwkcUaxIPzQQuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5962d64a5fc7cfaef2a2bae65e31e8e_JaffaCakes118

Files

f5962d64a5fc7cfaef2a2bae65e31e8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a40499a555ccdb2cb5bfb7f72bdd3ad6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegSetValueExW
RegDeleteValueW
RegFlushKey
RegQueryValueExW
RegCreateKeyW

gdi32

CreatePen
SelectObject
LineTo
GetStockObject
PatBlt
CreateCompatibleDC
GetPixel
DeleteDC

msvcrt

__p__fmode
isdigit
exit
_c_exit

kernel32

HeapAlloc
CreateFileA
FileTimeToDosDateTime
DecodePointer
FlushViewOfFile
GetTickCount
RtlFillMemory
IsBadStringPtrA
CopyFileA
CreateNamedPipeA
SetThreadContext
EnterCriticalSection
HeapSummary
ReadFile
ConnectNamedPipe
MapViewOfFile
GetQueuedCompletionStatus
HeapUnlock
SwitchToThread
GetSystemDefaultLCID
IsValidLanguageGroup
CloseHandle
lstrcpyA
OpenThread
GetLocaleInfoA
ConvertDefaultLocale
WaitForMultipleObjects
GetThreadPriority
OpenFileMappingA
lstrlenW
SleepEx
GetCurrentProcessId
HeapFree
ResetEvent
lstrcatA
SetThreadUILanguage
GetStringTypeA
GetThreadIOPendingFlag
CreateIoCompletionPort
VirtualAllocEx
DosDateTimeToFileTime
GetCurrentProcess
HeapSetInformation
InitializeCriticalSection
lstrlenA
HeapCreate
SetEnvironmentVariableA
EnumSystemLanguageGroupsA
IsValidLocale
LeaveCriticalSection
SetNamedPipeHandleState
RegisterWaitForSingleObject
SetFilePointer
InterlockedExchangeAdd
GetFileAttributesExA
SetLastError
GetFileTime
GetSystemDefaultLangID
CallNamedPipeA
CreateFileMappingA
HeapDestroy
SetThreadExecutionState
WriteFileGather
WaitForSingleObjectEx
EncodePointer
FileTimeToLocalFileTime
CompareStringA
CreateMutexA
UnmapViewOfFile
lstrcmpA
SetFirmwareEnvironmentVariableA
ReadFileEx

user32

DrawMenuBar
WinHelpW
SetCursor
MessageBoxW
GetMessageW
GetMenu
BeginPaint
GetSysColor
PostMessageW
SetWindowPos
TranslateAcceleratorW
InvalidateRect
KillTimer
LoadIconW
GetDesktopWindow
ReleaseDC
ShowWindow
DefWindowProcW
SendMessageW
ShowCursor

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a40499a555ccdb2cb5bfb7f72bdd3ad6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

msvcrt

kernel32

user32

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 26KB - Virtual size: 568KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 26KB - Virtual size: 568KB