fbb71e3eba896fe67a2a59b8f6ba3abb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fbb71e3eba896fe67a2a59b8f6ba3abb_JaffaCakes118
Size

174KB
MD5

fbb71e3eba896fe67a2a59b8f6ba3abb
SHA1

1e6cc389ecb5781232035ca756d7893a5295ca0a
SHA256

08963b45dc484d67456249092025bbb16ce1d17cd307142d42abe2e1452649cf
SHA512

5274a23825d269415d47be7bb372c80b8d28a46db14dc771b91195e784f31286b210031c0214eed4c55a0197dc9610f36efe980f1b43ed6947f84d9e3d3b3a28
SSDEEP

3072:pjSIMtTjMQhZ8zQiUQBxPHNenRKTHOSCAI+Vk3h8:pjSPwQXGQCPiKhCAIP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbb71e3eba896fe67a2a59b8f6ba3abb_JaffaCakes118

Files

fbb71e3eba896fe67a2a59b8f6ba3abb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ecc15af675beceb7e440190cf8345e3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Write
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Read
ImageList_Remove

shlwapi

SHStrDupA

version

GetFileVersionInfoSizeA
VerQueryValueA

oleaut32

SafeArrayPtrOfIndex
RegisterTypeLib
SafeArrayGetUBound
SafeArrayGetElement
SysStringLen
VariantChangeType

shell32

DragQueryFileA
SHFileOperationA
SHGetSpecialFolderLocation

user32

AdjustWindowRectEx
BeginPaint
CallNextHookEx

ole32

OleRegGetUserType

gdi32

CreateFontIndirectA
GetObjectA
GetDIBColorTable
CreateBitmap
GetDIBits
GetPaletteEntries

kernel32

ExitThread
lstrcmpiA
GlobalAlloc
GetModuleHandleA
lstrlenA
GetStdHandle
GetThreadLocale
IsBadHugeReadPtr
CloseHandle
RaiseException
Sleep
GetCommandLineA
GetModuleHandleW
GetCurrentThread
LocalAlloc
GetLocalTime
FormatMessageA
VirtualAllocEx
FindFirstFileA
GetACP
lstrcpyA
ExitProcess
LoadLibraryExA
GlobalAddAtomA
GetCurrentThreadId
GetProcAddress
SetFilePointer
GlobalDeleteAtom
VirtualAlloc
GetStringTypeA
GetLastError

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecc15af675beceb7e440190cf8345e3d

Headers

File Characteristics

Imports

comctl32

shlwapi

version

oleaut32

shell32

user32

ole32

gdi32

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 115KB

.cdata Size: 512B - Virtual size: 486B

.adata Size: 115KB - Virtual size: 114KB

.fdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 884B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 115KB

.cdata
Size: 512B - Virtual size: 486B

.adata
Size: 115KB - Virtual size: 114KB

.fdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 884B