Static task
static1
Behavioral task
behavioral1
Sample
f5a5924e1d48f0239c472b05ea502763_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f5a5924e1d48f0239c472b05ea502763_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: f5a5924e1d48f0239c472b05ea502763_JaffaCakes118
Size: 1.7MB
MD5: f5a5924e1d48f0239c472b05ea502763
SHA1: 5bc579cd461ff4ca81ee41ac2fba52f74569a740
SHA256: b3f0f7a5e42c2426b1c29d807740b6b0cd1ff4c13225c6367b126c3eaf320244
SHA512: f795e01d7840e6fbd2773f1c533b95effb3b93f946a6f3da839a2293005a904d667ebce5371a101d2ce4e6d0f76f45ba6065359663f48c775f39321491fd08e8
SSDEEP: 49152:qE678EX1L88D2NpMf9ydaE3G87pk7+5g2rwoTHpTqHInU7ng:q8k1LbKNp2UaXipka5trwoTHpT2S
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f5a5924e1d48f0239c472b05ea502763_JaffaCakes118
Files
f5a5924e1d48f0239c472b05ea502763_JaffaCakes118.exe windows:4 windows x86 arch:x86
28fda2b61881c063b6b3bb68b950377d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WritePrivateProfileStringA
GetSystemTime
FreeLibraryAndExitThread
OpenSemaphoreW
VirtualAlloc
LoadLibraryExW
SetCommMask
SetProcessAffinityMask
GlobalFindAtomW
RaiseException
EndUpdateResourceA
WritePrivateProfileStructA
GetDriveTypeW
FreeResource
GetCommState
WaitNamedPipeA
CreateMutexA
IsBadWritePtr
RemoveDirectoryW
VirtualQuery
SetConsoleWindowInfo
PulseEvent
ReadConsoleA
WritePrivateProfileSectionA
SetConsoleOutputCP
FindFirstFileExW
SetEnvironmentVariableW
PeekConsoleInputW
GetLargestConsoleWindowSize
GetEnvironmentVariableW
GetThreadPriority
GetProcessTimes
SetConsoleMode
MoveFileExA
SetMailslotInfo
GetShortPathNameA
SetTimeZoneInformation
PurgeComm
GetTempFileNameA
UnmapViewOfFile
GenerateConsoleCtrlEvent
WriteFile
GetTapeParameters
_lopen
IsValidLocale
ReadConsoleInputW
GetLocaleInfoW
MultiByteToWideChar
GetCurrentProcess
FindResourceExW
CopyFileExW
GetConsoleMode
CreateIoCompletionPort
WriteConsoleOutputW
GlobalAddAtomA
GetSystemDirectoryW
SwitchToFiber
GetNumberFormatW
lstrcpyA
GetSystemInfo
WriteConsoleOutputCharacterA
GetOverlappedResult
GetTempPathW
LocalAlloc
GetEnvironmentStringsW
EnumResourceNamesW
GetFullPathNameA
LocalReAlloc
GetHandleInformation
EnumCalendarInfoW
GlobalGetAtomNameW
DosDateTimeToFileTime
GetACP
_llseek
SetEvent
SetCurrentDirectoryA
SetHandleCount
EraseTape
GetCommModemStatus
CreateFileW
LocalLock
GetCurrentProcessId
IsDBCSLeadByteEx
ExitThread
OpenMutexA
GetTickCount
SetThreadAffinityMask
GlobalFindAtomA
SetCommTimeouts
GetCommandLineW
VirtualProtect
GetFileAttributesExA
GlobalFree
ExitProcess
user32
DrawTextA
GetDC
IsZoomed
GetClipboardData
DrawTextExA
GetCursorPos
SendDlgItemMessageA
DrawStateA
GetKeyboardLayoutNameA
IsRectEmpty
CallWindowProcW
PeekMessageW
ChangeMenuW
GetWindowTextLengthW
GetWindowInfo
GetAncestor
LoadBitmapW
InflateRect
LoadMenuIndirectW
GetParent
MenuItemFromPoint
SetParent
LoadMenuA
MonitorFromRect
SetWindowRgn
InSendMessage
GetTabbedTextExtentA
HideCaret
GetMenuStringW
SetDlgItemInt
DialogBoxIndirectParamA
DeleteMenu
CharToOemW
GetDlgItemTextW
DrawStateW
GetWindowTextW
SetClassLongA
CloseWindow
SetPropW
DispatchMessageW
DestroyMenu
InternalGetWindowText
GetThreadDesktop
EnumDesktopsW
SendMessageW
CheckMenuRadioItem
ValidateRect
SetLastErrorEx
SetRectEmpty
CharNextExA
gdi32
GetDIBColorTable
EnumObjects
SetPaletteEntries
CreateFontA
GetCurrentPositionEx
comdlg32
GetOpenFileNameW
ChooseColorA
advapi32
LookupAccountSidW
SetPrivateObjectSecurity
LogonUserW
QueryServiceConfigW
ReportEventW
EnumServicesStatusA
RegReplaceKeyW
QueryServiceConfigA
RegQueryValueW
GetSecurityDescriptorOwner
SetKernelObjectSecurity
LookupPrivilegeNameA
SetSecurityInfo
RegDeleteValueA
shell32
SHGetSettings
SHLoadInProc
SHGetSpecialFolderLocation
ole32
OleFlushClipboard
CoInitializeEx
GetRunningObjectTable
IIDFromString
OleSetContainedObject
CoRegisterClassObject
CoGetObject
PropVariantCopy
oleaut32
LoadTypeLibEx
VariantCopy
VariantChangeType
SafeArrayUnaccessData
SysStringLen
LoadTypeLi
shlwapi
StrRetToStrW
StrRChrA
SHRegOpenUSKeyW
PathAddExtensionW
StrChrIA
StrFormatByteSizeA
wvnsprintfW
PathUnquoteSpacesA
UrlCreateFromPathW
wnsprintfW
StrCatW
SHSetThreadRef
PathIsDirectoryW
StrCpyNW
PathCommonPrefixW
StrCmpNW
PathRemoveBackslashA
Sections
.text Size: 6KB - Virtual size: 222KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ