f4a1e0a14ebf5645b289e45e445c797c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4a1e0a14ebf5645b289e45e445c797c_JaffaCakes118
Size

9.7MB
MD5

f4a1e0a14ebf5645b289e45e445c797c
SHA1

97e4633761a7f83305a16609158b9453a41f1090
SHA256

c0ef7307d1e52cd551e26cf4766c7f2f702c96d63b5e78d58de54c19996aee5b
SHA512

13b1f8fa8322b7778b936f08bb4db6347f4f724286ddc21fb2578c47fa23bc5c324c9262c20a75d33b3537c2045be1988dcab60399eb7c781df273920c599d90
SSDEEP

196608:gvadv+H1vg9grUWdUU3Vpbfpdqgx2ck9DFdoR2OddXgKsLyVpac2PdO+/dKs:5WH149grxCU3VpbRdq429DF9OzgnLype

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FAVC_102.exe

Files

f4a1e0a14ebf5645b289e45e445c797c_JaffaCakes118
.rar
FAVC_102.exe
.exe windows:4 windows x86 arch:x86

cb992632ec49b63d73e975dd5c7dd673

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItem
IsDlgButtonChecked
PostMessageA
KillTimer
SetTimer
MessageBoxW
DialogBoxParamW
DialogBoxParamA
SetWindowLongA
GetWindowLongA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextLengthA
GetWindowTextA
SetWindowTextW
SetWindowTextA
SendMessageW
SendMessageA
LoadStringW
LoadStringA
CharUpperW
CharUpperA
EndDialog

oleaut32

SysFreeString
SysAllocString
VariantClear

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHBrowseForFolderA

ole32

CoUninitialize
CoInitialize

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_except_handler3
??1type_info@@UAE@XZ
_lrotl
_rotr
memset
memcpy
free
malloc
_CxxThrowException
memmove
memcmp
_purecall
__CxxFrameHandler

kernel32

CloseHandle
GetStartupInfoA
GetModuleHandleA
VirtualFree
VirtualAlloc
FileTimeToLocalFileTime
Sleep
WaitForMultipleObjects
SetEvent
ResetEvent
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
CreateEventA
GetModuleHandleW
GetProcAddress
FileTimeToSystemTime
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
CreateFileA
FindFirstFileW
FindFirstFileA
FindClose
GetCurrentDirectoryW
GetCurrentDirectoryA
GetFullPathNameW
GetFullPathNameA
lstrlenA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
MoveFileW
RemoveDirectoryW
SetFileAttributesW
MoveFileA
RemoveDirectoryA
SetFileAttributesA
SetLastError
CreateFileW
SetFileTime
FormatMessageW
FormatMessageA
LocalFree
GetModuleFileNameW
GetModuleFileNameA
AreFileApisANSI
GetLastError
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
GetCommandLineW
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
CreateThread

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

cb992632ec49b63d73e975dd5c7dd673

Headers

File Characteristics

Imports

user32

oleaut32

shell32

ole32

msvcrt

kernel32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 30KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 30KB

.rsrc
Size: 5KB - Virtual size: 5KB