5298ae5d4d8d56d2bd9bbcad30cc890a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5298ae5d4d8d56d2bd9bbcad30cc890a_JaffaCakes118
Size

176KB
MD5

5298ae5d4d8d56d2bd9bbcad30cc890a
SHA1

43076d23108862f70d6b279a7ff91ef0f05508d3
SHA256

05b2e3695f8a12a9e07f0c6c3167966ca05d24f94aeed02075371a34cae7c4b9
SHA512

000c776388b1ff7e75469ebc73c7f2e5b7d7363122198798d18d6100eccdd6ee0155e3310cc2d4a258d4eb11824516989db5249b530866b6d76eccfc86f0368c
SSDEEP

3072:CA4lKeGdC6FzuRRMk4Pwkd46jid5DyfuTUxGxHKGaKbe+m9QyG7:ulKeGdC6Fzun3j364yiqeL4hG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5298ae5d4d8d56d2bd9bbcad30cc890a_JaffaCakes118

Files

5298ae5d4d8d56d2bd9bbcad30cc890a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5516f0ef7096abfc8a1d36cfb2489e62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MenuWindowProcA
ChangeClipboardChain
EnumWindowStationsW
GetMessageTime
GetFocus
MessageBoxExW
CreateIconFromResource
GetMouseMovePointsEx
GetUpdateRect
DdeCmpStringHandles
IsHungAppWindow
DlgDirSelectComboBoxExW
TrackPopupMenu

kernel32

VirtualAlloc
GetVersion
GetModuleFileNameW
VirtualFree
GetProcessHeap
GetModuleHandleA
GetTickCount
LoadLibraryW
HeapFree
Sleep
LocalAlloc
GetCommandLineW
InterlockedExchange
GetCurrentThread
GetModuleHandleW
GetCommandLineA
ExitProcess
GetVersionExA
GetCurrentProcessId
HeapAlloc
SetLastError
GetCurrentProcess
GetProcAddress
InterlockedCompareExchange
GetProcessHeap
GetTickCount
GetProcAddress
OpenFileMappingA
EnumSystemLocalesW
VirtualAlloc
GetCurrentProcess
GetModuleHandleW
HeapAlloc
FindNextFileW
ExitProcess
GetDateFormatA
DeleteFileW
GetACP
GetThreadPriorityBoost
VirtualFree
InitializeCriticalSectionAndSpinCount
HeapCreate
ConvertDefaultLocale
GetCurrentThread
CreatePipe
GetCommandLineA
CreateEventA
RequestWakeupLatency
GetCurrentThreadId
GetCompressedFileSizeW
GetVersion
GetModuleHandleA
GetEnvironmentStringsW
GetCommandLineW
GetCPInfoExW

msvcrt

_chgsign
__mb_cur_max
_tzset

gdi32

SetROP2
SetTextColor
GdiSetLastError
SetArcDirection
CreateRectRgnIndirect
GdiSetPixelFormat
Arc
GetNearestPaletteIndex
SetArcDirection
SetTextCharacterExtra
PatBlt
CreateFontIndirectA
EndPath
Escape
GdiComment
SetROP2
GdiIsMetaFileDC
GdiSetLastError
GetDCPenColor
GdiSetPixelFormat

advapi32

RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
OpenThreadToken
RegOpenKeyExW
OpenProcessToken
RegOpenKeyExA
RegSetValueExW
InitializeSecurityDescriptor
RegQueryValueExA
SetSecurityDescriptorDacl
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegSetValueExA
GetTokenInformation
RegQueryInfoKeyW
RegCloseKey

ole32

CoIsHandlerConnected
HBRUSH_UserSize
ReadOleStg
OleGetClipboard
CreateObjrefMoniker
IsValidIid

Sections

.text
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 75KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 73KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5516f0ef7096abfc8a1d36cfb2489e62

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcrt

gdi32

advapi32

ole32

Sections

.text Size: 10KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 25KB

.idata Size: 75KB - Virtual size: 447KB

.rdata Size: 73KB - Virtual size: 75KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 10KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 25KB

.idata
Size: 75KB - Virtual size: 447KB

.rdata
Size: 73KB - Virtual size: 75KB

.rsrc
Size: 5KB - Virtual size: 5KB