fbb302546c7c1c4ce8d7414f00b89786_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbb302546c7c1c4ce8d7414f00b89786_JaffaCakes118
Size

474KB
MD5

fbb302546c7c1c4ce8d7414f00b89786
SHA1

6b66b7d5c05b76a143b4b0ba6aaa0c77c9a8913c
SHA256

781f458ad23376763ad1094fc1ab035f8b48508a50956abc75148e2f997c3ab7
SHA512

9c023d94ac7afc250009b24b8855b82dfe7561be02ea9e707a095073dc4343f46000d28718c2eb240a6b274b8d71c68e5302ae45dac97a1d107a3c876d25d621
SSDEEP

12288:HwgEUWyZ6JnP5OjR0No7A9Ew2z4M0/MQCiD3zxw8SSPJGxmt/xntZ0aUNfSO:HlWy+nP5OjR0No7A9Ew2z4M0/LCiD1wZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbb302546c7c1c4ce8d7414f00b89786_JaffaCakes118

Files

fbb302546c7c1c4ce8d7414f00b89786_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bf15068bffa9a1926008b951be38c1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

advapi32

ReportEventA
RegConnectRegistryA
RegQueryValueW
AbortSystemShutdownW
DuplicateTokenEx
CryptDecrypt
RegOpenKeyExW
CryptAcquireContextW
StartServiceW
RegQueryMultipleValuesA
RegSaveKeyW
RegCreateKeyExA
RegQueryInfoKeyA
RegCreateKeyW
LookupAccountSidW
CryptGetProvParam
LookupAccountNameA

kernel32

SetLastError
MultiByteToWideChar
IsValidLocale
LeaveCriticalSection
LoadModule
HeapSize
WriteConsoleA
IsValidCodePage
QueryPerformanceCounter
RtlUnwind
GetLastError
LCMapStringA
GetConsoleMode
GetModuleFileNameW
SetStdHandle
TlsFree
SetConsoleCtrlHandler
GetUserDefaultLCID
InterlockedExchange
FlushFileBuffers
SetHandleCount
LoadLibraryA
GetStartupInfoW
lstrcatW
FreeEnvironmentStringsW
GetStartupInfoA
GetACP
ExitProcess
GetStringTypeW
CreateDirectoryW
TlsAlloc
HeapReAlloc
VirtualAlloc
GetOEMCP
WriteFile
FreeLibrary
UnhandledExceptionFilter
IsDebuggerPresent
CompareStringA
GetDateFormatA
WriteConsoleW
ReadFile
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCommandLineW
GetLocaleInfoA
DeleteCriticalSection
TerminateProcess
Sleep
GetCurrentThreadId
GetConsoleCP
WideCharToMultiByte
GetStringTypeA
GetCPInfo
CompareStringW
CloseHandle
GetStdHandle
VirtualFree
GetModuleFileNameA
SetEnvironmentVariableA
CreateMutexA
GetCurrentProcess
SetUnhandledExceptionFilter
GetConsoleOutputCP
GetTickCount
EnumSystemLocalesA
TlsGetValue
GetLocaleInfoW
GetTimeZoneInformation
GetTimeFormatA
VirtualQuery
GetCurrentThread
CreateFileA
GetProcAddress
GetCommandLineA
OpenMutexA
GetCurrentProcessId
InterlockedDecrement
HeapFree
InitializeCriticalSectionAndSpinCount
HeapDestroy
HeapCreate
InterlockedIncrement
GetModuleHandleA
LCMapStringW
SetFilePointer
HeapAlloc
GetFileType
GetModuleHandleW
EnterCriticalSection
TlsSetValue

user32

OpenDesktopW
CheckMenuRadioItem
MessageBoxExA
GetWindowTextLengthW
RemovePropA
ChangeMenuW
DdeInitializeW
MapVirtualKeyW
InsertMenuA
TileWindows
InsertMenuItemW
RegisterClassExA
GetMenuStringA
GetMessageW
CloseWindow
DlgDirSelectExW
IsCharAlphaNumericW
ChangeClipboardChain
CreateMenu
RegisterClassA
CreateDialogParamA
CharUpperW
GetPropA
OpenWindowStationW

shell32

ExtractAssociatedIconW
SheChangeDirA
SHGetDesktopFolder

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bf15068bffa9a1926008b951be38c1d

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

user32

shell32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 10KB - Virtual size: 31KB

.data Size: 213KB - Virtual size: 212KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 10KB - Virtual size: 31KB

.data
Size: 213KB - Virtual size: 212KB

.rsrc
Size: 6KB - Virtual size: 5KB