f5bd01f29172bfd406d90b6948b95744_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5bd01f29172bfd406d90b6948b95744_JaffaCakes118
Size

457KB
MD5

f5bd01f29172bfd406d90b6948b95744
SHA1

8e3136b97c106a5d807cc0a36dfde7a58bb1557a
SHA256

102df67bb7aa0e47de43d9d90e8128ac4a627b4cdb4c2ecde3af9e2c179305dd
SHA512

700c73aea4f9bdd7e4b61f2c1c9a4e46fbf7104f499479e48c664db881d8613cfe9bac67ca379217e2ce2c09797e9674d0b469dfad6c7bf87c4f2c7c7c3f65d6
SSDEEP

12288:8NR1s5T1cAc/duJgA/c66L3YwD2G2YgrX:+RseAc/dPMcD2G3grX

Score

1^/10

Malware Config

Signatures

Files

f5bd01f29172bfd406d90b6948b95744_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78f8f1a15fb0595bbaa9b6bbf2302d5c

Code Sign

2b:4d:2c:67:7e:be:ed:60:4a:9c:ee:cc:57:80:80:ab:2a:77:2e:59
Signer

Actual PE Digest

2b:4d:2c:67:7e:be:ed:60:4a:9c:ee:cc:57:80:80:ab:2a:77:2e:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

wininet

HttpEndRequestA

kernel32

LockResource
GetDefaultCommConfigA
GetVersion
ExitProcess
VirtualAlloc
WriteFile
GetLastError
GetTickCount
CreateFileMappingA
CloseHandle
FreeResource
FreeLibrary
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
GetCommandLineA
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
GetStartupInfoA
GetSystemTimeAsFileTime
SetFilePointer
GetCommandLineW
lstrcmpiA
ReadFile
GetModuleHandleA
GetProcAddress
GetVersionExA
CreateThread
GetUserDefaultLangID
GetStringTypeW
LCMapStringA
LCMapStringW
LoadLibraryA

user32

IsDialogMessageA
GetDC
InvalidateRect
MessageBoxA
GetSystemMetrics
GetWindowLongA
GetSystemMenu
GetClassInfoA
GetCapture
IntersectRect
GetWindowThreadProcessId
RegisterClassExA
IsIconic
IsRectEmpty
IsWindow
RemovePropA
SetMenu
SetMenuItemInfoA
SetPropA
SetRect
SetScrollInfo
GetWindowPlacement
GetWindowRect
GetClassNameA
GetKeyboardType
GetScrollPos
PtInRect
SetScrollRange
CreateDialogParamA
LoadStringA
GetClientRect
DialogBoxParamA
CreateWindowExA
IsChild

gdi32

ExcludeClipRect
CreatePen
Rectangle
GetDeviceCaps
SetBkColor
GetClipBox
CreatePenIndirect
TextOutW

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExW
GetUserNameA

ole32

CoUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

SafeArrayGetUBound
SafeArrayRedim
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreate
SysAllocStringLen
SysReAllocStringLen
SafeArrayPutElement

Sections

.text
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78f8f1a15fb0595bbaa9b6bbf2302d5c

Code Sign

2b:4d:2c:67:7e:be:ed:60:4a:9c:ee:cc:57:80:80:ab:2a:77:2e:59Signer

Headers

File Characteristics

Imports

comctl32

version

wininet

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 404KB - Virtual size: 402KB

.qdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 41KB

.rsrc Size: 28KB - Virtual size: 27KB

2b:4d:2c:67:7e:be:ed:60:4a:9c:ee:cc:57:80:80:ab:2a:77:2e:59
Signer

.text
Size: 404KB - Virtual size: 402KB

.qdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 41KB

.rsrc
Size: 28KB - Virtual size: 27KB