f5e78e4a03efe9e83b9fa4ec5ad6e1ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5e78e4a03efe9e83b9fa4ec5ad6e1ee_JaffaCakes118
Size

161KB
MD5

f5e78e4a03efe9e83b9fa4ec5ad6e1ee
SHA1

911884cb5c9d8c58ff3d0e59f1ed670e34d186f2
SHA256

1c4a56519705702085a1435cce3622c8727e0f9e427df2e718f675af17bb146e
SHA512

728c1ac7f7095ab67dc7157162a6633321b34aef12df05d97c5ddae9bfd50462c53825aec3170ad28d28ac9d32e36337b46ec8fb493d5e1328a6c0a8c16ff956
SSDEEP

3072:SYst2acnyFhwGUhq8RWjTrKKOCIWNjHURw+CRWYSuUH9UQHNF/hS1N:SYstQyFNUJRWHrKKO1CRTeHCQr/h2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5e78e4a03efe9e83b9fa4ec5ad6e1ee_JaffaCakes118

Files

f5e78e4a03efe9e83b9fa4ec5ad6e1ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e17bea91433ca823ac8f909150534f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapFree
WideCharToMultiByte
WaitForSingleObject
GetModuleFileNameA
WritePrivateProfileSectionW
GetCurrentThreadId
TlsGetValue
GetVersionExA
FindResourceW
GetTempFileNameW
GetConsoleMode
GetCurrentProcessId
CreateFileW
GetCPInfo
GetVDMCurrentDirectories
HeapDestroy
GetThreadLocale
EnterCriticalSection
LocalFree
GetStartupInfoW
HeapSize
TlsAlloc
GetTickCount
ReadFile
GetProcessHeap
SetHandleCount
GetCommandLineA
SetThreadPriorityBoost
TerminateProcess
VirtualFree
IsProcessorFeaturePresent
UnmapViewOfFile
SizeofResource
InterlockedCompareExchange
ExitProcess
GetStdHandle
lstrcmpiW
GetStartupInfoA
CreateProcessW
TlsSetValue
CreateFileMappingW
GetStringTypeW
WriteConsoleA
GetCurrentProcess
GetACP
SetStdHandle
DeleteFileW
MapViewOfFile
HeapReAlloc
LCMapStringW
HeapAlloc
IsDebuggerPresent
LCMapStringA
GetStringTypeA
GetProcAddress
LoadLibraryExW
Sleep
GetConsoleCP
FreeLibrary
EnumResourceNamesW
CloseHandle
FreeEnvironmentStringsW
QueryPerformanceCounter
GetTempPathW
GetModuleHandleW
RtlUnwind
GetFileAttributesW
LockResource
GetSystemTimeAsFileTime
GetFileSize
InterlockedExchange
DeleteCriticalSection
lstrcmpA
LoadLibraryA
GetFileType
UnhandledExceptionFilter
LoadLibraryW
InterlockedIncrement
SetLastError
lstrlenA
GetEnvironmentStrings
LeaveCriticalSection
HeapCreate
GetEnvironmentStringsW
RaiseException
TlsFree
LocalAlloc
SetUnhandledExceptionFilter
GetDriveTypeW
GetLocaleInfoA
InterlockedDecrement
GetModuleFileNameW
FlushFileBuffers
GetOEMCP
GetLastError
GetVersion
SetUnhandledExceptionFilter
FlushInstructionCache
WriteConsoleW
CreateSemaphoreW
LoadResource
MulDiv
WriteFile
GetCommandLineW
CreateFileA
SetFilePointer
GetSystemDirectoryW
GetVersionExW
GetModuleHandleA
VirtualAlloc
MultiByteToWideChar
InitializeCriticalSection
GetConsoleOutputCP
FreeEnvironmentStringsA
CopyFileW
lstrlenW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

user32

BeginPaint
GetClientRect
CreateWindowExW
GetParent
MessageBoxW
SetWindowPos
GetDlgItemTextW
DestroyWindow
TranslateMessage
SetCapture
DispatchMessageW
GetWindowInfo
SetWindowTextW
GetWindow
GetDlgItem
GetClassInfoExW
RegisterClassExW
GetWindowTextLengthW
GetWindowRect
GetDC
LoadCursorW
PeekMessageW
MapWindowPoints
EndPaint
SystemParametersInfoW
SetDlgItemTextW
EndDialog

ole32

CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoInitialize

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

msvfw32

ICInfo

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e17bea91433ca823ac8f909150534f8

Headers

File Characteristics

Imports

kernel32

shell32

user32

ole32

version

gdi32

msvfw32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 71KB - Virtual size: 71KB

.idive Size: 1024B - Virtual size: 248KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 71KB - Virtual size: 71KB

.idive
Size: 1024B - Virtual size: 248KB