f5d2b239a9357036fa1b0eee774b510b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5d2b239a9357036fa1b0eee774b510b_JaffaCakes118
Size

59KB
MD5

f5d2b239a9357036fa1b0eee774b510b
SHA1

159ff7bf044aeaf620f9b747e7747e6810c999cd
SHA256

72ad0be85c47ca31a3c83ad2dcd6eedc615cfa2ffae7d75c8ab94c2dccc64154
SHA512

f84348163bf8d892caa3f36a7885a1afbffd07f5a532108d5917ae96d3498ea8cc79ff0217862a77cda1f966f1aeb5f580c02e7653e7c229185e544c8ae4164a
SSDEEP

1536:AXMMMbR1Zkey9ARTWgxaXHKU8Ji5yzfLhQL7XiFLCu2GU4mEYd:AXMMM1v3PRZ4XP+SKl6GFL92Fd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5d2b239a9357036fa1b0eee774b510b_JaffaCakes118

Files

f5d2b239a9357036fa1b0eee774b510b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
WriteFile
CopyFileA
ReadConsoleA
DeleteFileW
DeleteFileA
CopyFileW
CopyFileExW
CopyFileExA
GetFileTime
GetFileSize
CreateThread
CreateProcessA
GetLastError
GetCommandLineA
OpenFileMappingA
ReadFile
GetComputerNameA
DeleteAtom
SetLastError
CreateDirectoryA
OpenFile
FindFirstFileA
FindAtomA

advapi32

RegOpenKeyA
RegReplaceKeyA
RegQueryValueW
RegDeleteKeyA
RegEnumKeyExW
RegReplaceKeyW
RegOpenKeyExA
RegEnumValueW
RegCreateKeyW
RegQueryValueA
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegLoadKeyW
RegDeleteKeyW
RegEnumKeyA
RegFlushKey
RegGetKeySecurity
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExA
RegEnumKeyW
RegDeleteValueA
RegLoadKeyA

gdi32

CloseMetaFile
ExcludeClipRect
AddFontResourceW
CloseFigure
DeleteObject
SetTextColor
GetBitmapBits
AddFontResourceExW
DeleteDC
CancelDC
CreateSolidBrush
BeginPath
ClearBitmapAttributes
GetBrushOrgEx
ClearBrushAttributes
AddFontMemResourceEx
AddFontResourceA

user32

DialogBoxParamA
InsertMenuA
BlockInput
DrawIconEx
IsMenu
GetWindowTextA
AppendMenuA
CopyImage
CopyIcon
IsWindow
DrawTextW
AlignRects
GetCursor
AppendMenuW
EndDialog
LoadCursorA
CloseWindow
GetFocus

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragEnter
ImageList_GetIcon
ImageList_Draw
ImageList_EndDrag
ImageList_LoadImageW
ImageList_AddIcon
ImageList_GetIconSize
ImageList_LoadImage
ImageList_DrawEx
ImageList_DragLeave
ImageList_Create
ImageList_Merge
ImageList_Replace

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 453B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 149KB

.rsrc Size: 512B - Virtual size: 287B

.reloc Size: - Virtual size: 453B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 149KB

.rsrc
Size: 512B - Virtual size: 287B

.reloc
Size: - Virtual size: 453B