fa8f981e92c2428f94f154e42d9d55d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa8f981e92c2428f94f154e42d9d55d3_JaffaCakes118
Size

533KB
MD5

fa8f981e92c2428f94f154e42d9d55d3
SHA1

c1e7ef379f43f1fc00e1fc720d76107dcc7266b5
SHA256

2f7c4829f4357cc87c28613736c4bd82ae213aab705594729ebdcaae8ebf7ce5
SHA512

b407ee57952a15ea291b76d28014145e20183327fb1db3694e4b103f99c23710278159a4cc8e95b7f0242cb6c53d50984b295a907590794d0aae84977425f620
SSDEEP

6144:+2fiOcQ37frz+0ZY0bfVGPECp+EpLO1iWb8xwTLExW9DxHzteqmW0xZAr+NB2sst:ff5nz+Mu8r1iWxjTwqTgHNoH8mEU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa8f981e92c2428f94f154e42d9d55d3_JaffaCakes118

Files

fa8f981e92c2428f94f154e42d9d55d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fbd0a24277615b2f07f08a685d9071f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetEnvironmentStringsW
GetModuleFileNameA
GetUserDefaultLCID
TlsFree
SetLastError
TlsAlloc
GetStartupInfoW
WritePrivateProfileStructW
SetFilePointer
GetOEMCP
GetConsoleCP
InterlockedIncrement
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
RtlUnwind
GetTimeFormatA
GetLocaleInfoW
SetHandleCount
GetDateFormatA
InterlockedDecrement
SetEndOfFile
ReadFile
GetCommandLineW
GetCurrentProcessId
EnterCriticalSection
GetLocaleInfoA
TlsSetValue
HeapFree
InitializeCriticalSection
CreateMutexA
Sleep
IsValidCodePage
GetModuleFileNameW
DeleteCriticalSection
GetTimeZoneInformation
HeapCreate
HeapDestroy
CompareStringA
LoadLibraryA
GetLastError
GetCurrentProcess
FreeEnvironmentStringsW
LCMapStringW
QueryPerformanceCounter
GetConsoleMode
VirtualQuery
GetFileType
FreeEnvironmentStringsA
IsValidLocale
EnumSystemLocalesA
LocalFlags
HeapSize
GetNumberFormatA
GetCurrentThreadId
HeapReAlloc
GetModuleHandleA
GetStringTypeW
FreeLibrary
GetACP
GetStringTypeA
SetUnhandledExceptionFilter
GetStdHandle
GetCommandLineA
MultiByteToWideChar
InterlockedExchange
GetVersionExA
TerminateProcess
SetStdHandle
GetWindowsDirectoryA
OpenFileMappingA
VirtualAlloc
GetConsoleOutputCP
GetFileAttributesW
GetNumberFormatW
GetTempFileNameW
GetDiskFreeSpaceExA
GetProcessHeap
WideCharToMultiByte
GlobalHandle
ExitProcess
LCMapStringA
GetTickCount
HeapAlloc
UnlockFileEx
FlushFileBuffers
LeaveCriticalSection
CreateMailslotA
WritePrivateProfileStringW
OpenMutexA
WritePrivateProfileStructA
GetCPInfo
IsDebuggerPresent
TlsGetValue
CompareStringW
CloseHandle
SetConsoleCtrlHandler
GetStartupInfoA
UnhandledExceptionFilter
GetProcAddress
VirtualFree
WriteConsoleA
GetSystemTimeAsFileTime
GetEnvironmentStrings
WriteFile

comctl32

InitCommonControlsEx

user32

RegisterClassExA
SetMenuContextHelpId
MapVirtualKeyExW
CharToOemW
SendMessageTimeoutA
PostThreadMessageW
TrackMouseEvent
RegisterClassA
SetClipboardData
GetMessageTime
CheckRadioButton
SetForegroundWindow

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fbd0a24277615b2f07f08a685d9071f

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 345KB - Virtual size: 345KB

.rdata Size: 61KB - Virtual size: 90KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 345KB - Virtual size: 345KB

.rdata
Size: 61KB - Virtual size: 90KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 18KB - Virtual size: 17KB