fb0bbe7d6a44ae1d70fd443d34580fac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb0bbe7d6a44ae1d70fd443d34580fac_JaffaCakes118
Size

413KB
MD5

fb0bbe7d6a44ae1d70fd443d34580fac
SHA1

0afcff0280a3344f0168e92a3c46ab195556e316
SHA256

269bfb805c7269c7531a91d58a943f6204f6f361ac435131fc0f756d14c58078
SHA512

1be40e3961eb79ebe0981cf6b1706eb315b683655878c18781b3b2fc7775e2efe91833949ac3f2f50c1a7d244c33e6def7d933b8890af1846f6c2facaf46bb72
SSDEEP

6144:pzLKR1VS0SygWw1WRWAvW+zGglq7sLn7rfS80z:pzLI1uFM7pXq7sPY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb0bbe7d6a44ae1d70fd443d34580fac_JaffaCakes118

Files

fb0bbe7d6a44ae1d70fd443d34580fac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84364b5829e930a56a7f25ce35035584

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHInvokePrinterCommandW
SHGetSettings

comdlg32

PrintDlgA

comctl32

InitCommonControlsEx

user32

RegisterClassExA
GetMenu
IsCharAlphaNumericW
RegisterClassA
EndPaint
WinHelpW
EnumThreadWindows
GetSubMenu
InsertMenuItemA
CreateCursor
IsCharAlphaW
MsgWaitForMultipleObjects
CallMsgFilterW
EnumDisplaySettingsA

advapi32

DuplicateTokenEx
CryptSetProviderW
CryptAcquireContextW
CryptImportKey
StartServiceW
CryptCreateHash
LookupPrivilegeNameA
CryptEnumProviderTypesW
RegSetValueA
CryptSetProviderExW
InitiateSystemShutdownW
RegEnumKeyW
CryptDestroyHash
CryptEncrypt
CryptSetHashParam
RegDeleteKeyA
CryptSignHashW
AbortSystemShutdownA
CryptHashSessionKey
CryptDestroyKey
RegCreateKeyW
ReportEventA
CryptGetProvParam

kernel32

GetEnvironmentStrings
GetCurrentProcess
GetVersionExA
VirtualFree
GetStringTypeA
QueryPerformanceCounter
CreateMutexA
GetDateFormatA
SetConsoleCtrlHandler
WriteFile
DeleteCriticalSection
GetProcAddress
GetTimeFormatA
InterlockedDecrement
CompareStringW
InitializeCriticalSection
GetCommandLineA
SetFilePointer
SetEnvironmentVariableA
LocalFlags
GetCurrentThreadId
CompareStringA
InterlockedExchange
TerminateProcess
GetLocaleInfoA
SetLastError
CloseHandle
LCMapStringA
IsDebuggerPresent
GetOEMCP
GetProcessHeap
GetModuleHandleA
GetLastError
TlsGetValue
Sleep
VirtualAlloc
GetModuleFileNameA
GetSystemTimeAsFileTime
SetHandleCount
GetCurrentProcessId
GetConsoleMode
TlsSetValue
CreateFileA
GetDateFormatW
InterlockedIncrement
ExitProcess
GetTimeZoneInformation
GetConsoleCP
FreeEnvironmentStringsA
WriteConsoleA
FreeEnvironmentStringsW
LoadLibraryA
RtlUnwind
WideCharToMultiByte
HeapDestroy
GetFileType
EnterCriticalSection
IsValidLocale
LeaveCriticalSection
HeapCreate
FlushFileBuffers
SetUnhandledExceptionFilter
TlsFree
GetCPInfo
HeapFree
GetStdHandle
GetConsoleOutputCP
ReadFile
LCMapStringW
MultiByteToWideChar
IsValidCodePage
FreeLibrary
GetStartupInfoA
SetStdHandle
VirtualQuery
GetStringTypeW
UnhandledExceptionFilter
GetACP
HeapReAlloc
GetUserDefaultLCID
WriteConsoleW
OpenMutexA
GetCurrentThread
TlsAlloc
GetEnvironmentStringsW
GetTickCount
HeapSize
HeapAlloc
EnumSystemLocalesA
GetLocaleInfoW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84364b5829e930a56a7f25ce35035584

Headers

File Characteristics

Imports

shell32

comdlg32

comctl32

user32

advapi32

kernel32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 10KB - Virtual size: 22KB

.data Size: 179KB - Virtual size: 179KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 10KB - Virtual size: 22KB

.data
Size: 179KB - Virtual size: 179KB

.rsrc
Size: 7KB - Virtual size: 6KB