5297b02170a3a37eca99cc917c98dc8d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5297b02170a3a37eca99cc917c98dc8d_JaffaCakes118
Size

127KB
MD5

5297b02170a3a37eca99cc917c98dc8d
SHA1

25bd10e848174d327bb9a9e991a199b44c4bbdb3
SHA256

df31b2a78a45886c665534f968fcb5625d8b5bec4e11a6549ec9af24faa2b11f
SHA512

e1e0b7bf008ffed0a0b4a33577d35b353e27620d0617e723874abe651a999fac82daf802813d6618f9767326d909e97d29a3e2b72a76a1dee5471defe09416f1
SSDEEP

3072:njgb8oekvM/ddZwbrxiQJOL1PuhyLtEyr58xtnj9DcJE:jg+hlriFieIXLuyr58xttc+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5297b02170a3a37eca99cc917c98dc8d_JaffaCakes118

Files

5297b02170a3a37eca99cc917c98dc8d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb1ad2cb25a0899a942278b85ce75c6c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEvent
SetUnhandledExceptionFilter
Sleep
OpenProcess
UnhandledExceptionFilter
WideCharToMultiByte
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
OpenEventA
MultiByteToWideChar
LoadLibraryExA
InterlockedIncrement
InterlockedDecrement
GetVersionExA
GetTickCount
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FreeLibrary
CreateProcessA
CreateEventA
CompareStringA
CloseHandle
AddAtomA
CreateFileA
VirtualAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetOEMCP

user32

LoadIconW
LoadIconA

gdi32

SetRectRgn
SetPixel
SetBkColor
SelectObject
PatBlt
MoveToEx
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetPixel
GetDeviceCaps
DeleteObject
SetTextColor
CreateSolidBrush
CreateRectRgn
CreatePen
CreateICW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
GetStockObject
TextOutW
DeleteDC
StretchBlt

advapi32

RegOpenKeyExA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb1ad2cb25a0899a942278b85ce75c6c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4KB - Virtual size: 4KB

.text2 Size: 512B - Virtual size: 100B

.data Size: 116KB - Virtual size: 116KB

.text Size: 1024B - Virtual size: 516B

.rdata3 Size: 512B - Virtual size: 100B

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.text2
Size: 512B - Virtual size: 100B

.data
Size: 116KB - Virtual size: 116KB

.text
Size: 1024B - Virtual size: 516B

.rdata3
Size: 512B - Virtual size: 100B

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 1KB - Virtual size: 1KB