5636a8fe131e01b105d6d7d25dc691b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5636a8fe131e01b105d6d7d25dc691b1_JaffaCakes118
Size

859KB
MD5

5636a8fe131e01b105d6d7d25dc691b1
SHA1

4ebd5d7ece55c904353a33d6aca84123f0a9dc47
SHA256

d2d96cb28f999105bb843ad0388a78c8afbfd57d7089a497d7734752dba92163
SHA512

2893a144d19dcaeb9acf2321a8692a9ae26709dc9e49588dca7a5b5dc0804c4e20f5ced99440b755c6aa66fe2a631adb547eaf516523cb944454c471d98b4359
SSDEEP

24576:WT0cFYoE7VOx6XHF3U2VJ32eVCHBqakUAyLfD2TRcs:WwOYXHF3U2HrVqQPURD2TWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5636a8fe131e01b105d6d7d25dc691b1_JaffaCakes118

Files

5636a8fe131e01b105d6d7d25dc691b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b39e2fc02d6cd971a9e7d44ac28f906

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
CompareFileTime
SetStdHandle
GetFileSize
SetUnhandledExceptionFilter
GetEnvironmentStringsW
ExitThread
DeleteCriticalSection
GetCPInfo
FindFirstFileW
GetSystemDefaultLangID
GetCurrentThreadId
FreeEnvironmentStringsW
IsBadCodePtr
GetLocalTime
WritePrivateProfileStringA
LoadLibraryA
GlobalLock
GetSystemTimeAsFileTime
EnterCriticalSection
CreateFileMappingA
ReleaseSemaphore
LeaveCriticalSection
LocalFileTimeToFileTime
GlobalAlloc
VirtualAlloc
CreateThread
QueryPerformanceCounter
MapViewOfFile
FindNextFileW
LocalAlloc
GetDriveTypeW
GetDriveTypeA
FlushFileBuffers
lstrcpynA
GetTickCount

msvcrt

_lock
__getmainargs
_XcptFilter
strncmp
??0exception@@QAE@XZ
wcsstr
exit
qsort
__p__commode
_vsnprintf
__set_app_type
fclose
_errno

user32

SetParent
SetWindowsHookExW
EqualRect
DrawIcon
GetWindowLongW
GetClassNameW
DeleteMenu
GetParent
DrawIconEx
GetWindowTextW
ReleaseDC
SetTimer
GetSystemMenu
DispatchMessageW
GetDlgItemTextW
RegisterWindowMessageA
SetWindowsHookExA
SetActiveWindow
CallNextHookEx
DrawTextW
ShowWindow

advapi32

AdjustTokenPrivileges
RegEnumKeyW
InitializeAcl
AddAccessAllowedAce

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 535KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b39e2fc02d6cd971a9e7d44ac28f906

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 191KB - Virtual size: 191KB

.data Size: 535KB - Virtual size: 2.0MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 191KB - Virtual size: 191KB

.data
Size: 535KB - Virtual size: 2.0MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B