fa3a9754cc342672e5a2ead84dff716e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa3a9754cc342672e5a2ead84dff716e_JaffaCakes118
Size

416KB
MD5

fa3a9754cc342672e5a2ead84dff716e
SHA1

4547dcd18f3d10e9781fa9338236d0a218ff283c
SHA256

ceadc81fdd04091975627ab2912ab9b1facc3226968d30274f1a062db66cca57
SHA512

4d8964edf6c03a43638c4c9c7ec4a702600640b2138e4906f1d12abcba6403b94a1c0ba35bb23b1992e88ed6a4fd08784ebb046aaf81246a1352dd934bb14804
SSDEEP

12288:mYWZC3rOfl00mU2iurDejtqHi8SiKA8FwEwqW:jWZCCd00T2iurDeAHFSiKAvEwqW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa3a9754cc342672e5a2ead84dff716e_JaffaCakes118

Files

fa3a9754cc342672e5a2ead84dff716e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a098c80ba13d3f7f17d7dfe6f61b794

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\tmzexeete\aobeeeku\kxvbvx\mxbouf\feovafog.PDB

Imports

kernel32

WritePrivateProfileSectionW
OpenSemaphoreA
HeapDestroy
GetCurrencyFormatA
HeapFree
GetStartupInfoA
FindResourceExA
SetFilePointer
ExitProcess
CreateFileA
VirtualAlloc
TlsGetValue
SetLastError
MultiByteToWideChar
IsValidCodePage
GetProcAddress
GetFileType
WriteConsoleA
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleW
GetTimeFormatA
GetThreadTimes
WaitForSingleObjectEx
GetCalendarInfoW
LCMapStringW
GetSystemTimeAdjustment
GlobalLock
GetConsoleOutputCP
GetCommandLineA
FlushInstructionCache
SetConsoleTitleW
CreateMutexA
EnumSystemLocalesA
InterlockedIncrement
GetStringTypeW
GetLocaleInfoA
CompareStringW
CloseHandle
LockResource
LCMapStringA
FreeEnvironmentStringsA
QueryPerformanceCounter
FreeLibrary
WritePrivateProfileStructA
SetConsoleCtrlHandler
GetCommandLineW
GetConsoleCP
CommConfigDialogW
GetTimeZoneInformation
DeleteCriticalSection
InitializeCriticalSection
TerminateProcess
GetOEMCP
GetDateFormatA
SetHandleCount
TlsFree
GetCurrentThreadId
WaitForMultipleObjectsEx
SetUnhandledExceptionFilter
WriteFile
OpenMutexA
HeapReAlloc
GetModuleFileNameA
GetACP
ContinueDebugEvent
GetSystemInfo
GetProcessHeap
GetLastError
GetSystemTimeAsFileTime
LocalReAlloc
CopyFileA
GlobalUnfix
GetDateFormatW
Sleep
HeapSize
IsValidLocale
IsDebuggerPresent
GetModuleFileNameW
GetLocaleInfoW
VirtualProtectEx
UnmapViewOfFile
RtlUnwind
EnumCalendarInfoW
LeaveCriticalSection
GetTickCount
GetCurrentDirectoryW
UnhandledExceptionFilter
VirtualLock
OutputDebugStringW
SetThreadPriority
GetEnvironmentStrings
GetCurrencyFormatW
TlsAlloc
LoadResource
UnlockFileEx
SetCurrentDirectoryW
SetCurrentDirectoryA
MoveFileA
SetEnvironmentVariableA
GetVersionExA
HeapCreate
HeapAlloc
WideCharToMultiByte
VirtualProtect
GlobalCompact
InterlockedDecrement
GetCurrentThread
GetCurrentProcessId
GlobalFlags
EnumResourceNamesA
GetCurrentProcess
LoadLibraryA
GetStartupInfoW
FlushFileBuffers
VirtualQuery
GlobalFix
UnlockFile
SetStdHandle
GetUserDefaultLCID
TlsSetValue
GetStdHandle
WriteConsoleOutputW
GetProfileStringW
WritePrivateProfileStructW
GetModuleHandleA
InterlockedExchange
EnterCriticalSection
CompareStringA
GetCPInfo
ResumeThread
VirtualFree
GetStringTypeA
ReadFile

shell32

SheChangeDirExW
SHGetSpecialFolderLocation
ExtractAssociatedIconExW

gdi32

SelectObject
CreateDCA
CombineRgn
GetOutlineTextMetricsW
SetPixelFormat
EnumICMProfilesA
SetMapMode
DeleteObject
RemoveFontResourceA
OffsetWindowOrgEx
GetWindowExtEx
SetArcDirection
PlayMetaFileRecord
GetDeviceCaps
GetObjectW
CreateColorSpaceA
DrawEscape
DeleteDC
GetDIBits
AngleArc
SetLayout
CloseFigure

comctl32

ImageList_Replace
ImageList_Remove
ImageList_BeginDrag
ImageList_GetIcon
ImageList_SetImageCount
DrawStatusText
ImageList_Copy
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Create
ImageList_ReplaceIcon
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateToolbar
CreateStatusWindowW
ImageList_DragEnter
ImageList_LoadImageW
DrawStatusTextW
ImageList_Read
ImageList_Duplicate

user32

GetMenuState
IsZoomed
RealChildWindowFromPoint
GetKeyboardType
SetRectEmpty
GetSubMenu
LoadMenuIndirectW
DefWindowProcW
ShowScrollBar
DefDlgProcW
SetWindowsHookW
VkKeyScanExA
SetRect
CreateIconFromResourceEx
GetGUIThreadInfo
ChangeDisplaySettingsA
GetInputDesktop
GetDlgItemInt
GetWindowModuleFileNameA
LoadKeyboardLayoutW
OpenClipboard
SetParent
DrawIconEx
GetComboBoxInfo
SetUserObjectInformationA
UnregisterClassA
GetWindowTextW
SetWindowLongW
GetCaretBlinkTime
DefFrameProcW
DdeUninitialize
SetMenuDefaultItem
OemToCharW
MapWindowPoints
GetKBCodePage
GetAncestor
RegisterClassExA
DestroyWindow
DdeConnectList
GetWindowInfo
MenuItemFromPoint
DrawFrameControl
CharNextW
SwapMouseButton
MapVirtualKeyA
RegisterClipboardFormatA
CreateWindowExA
ShowWindow
ModifyMenuW
CharPrevW
SetWindowPlacement
OemToCharA
MessageBoxW
RegisterClassA
wsprintfA
CharPrevExA
DestroyCursor

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a098c80ba13d3f7f17d7dfe6f61b794

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

gdi32

comctl32

user32

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 96KB - Virtual size: 114KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 96KB - Virtual size: 114KB

.rsrc
Size: 24KB - Virtual size: 20KB