f5c548917109e9447b0e496a7f76e4bc_JaffaCakes118

General

Target

f5c548917109e9447b0e496a7f76e4bc_JaffaCakes118
Size

18KB
MD5

f5c548917109e9447b0e496a7f76e4bc
SHA1

9ff5a294f04798c779ccf59e0746f6b50be11a0d
SHA256

b57fe1d2420355f1bd066d99dc6011aa027872fc746c3762218c4a1b964edc5d
SHA512

8021e35a60eb2b328896e2a983b6231efbafd78c762145243c53c12133221295241b3fd4cd191bdec076efc93b756600fb3dc8086fc0f10bd5adfb55f156ac49
SSDEEP

384:NJcNAnkoGN32dqrTEc0X5w2PAqll6+KCA/L:NjdqN0XFxv6EA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5c548917109e9447b0e496a7f76e4bc_JaffaCakes118

Files

f5c548917109e9447b0e496a7f76e4bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

def619f47ff794551f44235b9ebb07eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentProcessId
GetDriveTypeA
GetFileSize
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetModuleHandleA
GetPriorityClass
GetSystemDirectoryA
GetTempPathA
GetTimeFormatA
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalMemoryStatus
MultiByteToWideChar
OpenProcess
Process32First
Process32Next
ReadFile
RtlZeroMemory
SetErrorMode
SetFilePointer
SetPriorityClass
Sleep
TerminateProcess
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

wsprintfA
GetDC
GetDesktopWindow
GetSystemMetrics
MessageBoxA
ReleaseCapture
ReleaseDC
SendMessageA

ws2_32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
gethostname
htons
inet_addr
inet_ntoa
recv
send
socket

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

shell32

SHGetFileInfoA
ShellExecuteA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
SelectObject

psapi

GetModuleFileNameExA

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdiplusShutdown
GdiplusStartup

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Sections

.text
Size: 18KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

def619f47ff794551f44235b9ebb07eb

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

shell32

gdi32

psapi

gdiplus

avicap32

Sections

.text Size: 18KB - Virtual size: 146KB

.text
Size: 18KB - Virtual size: 146KB