fbf066a4a249db3eaaa0923385c3a76c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbf066a4a249db3eaaa0923385c3a76c_JaffaCakes118
Size

566KB
MD5

fbf066a4a249db3eaaa0923385c3a76c
SHA1

b99db2960d0b1866f7ebc2a3b221ed658a7ee762
SHA256

64f4b06c1cedf2aa477e7de7a8d3104c87c055fc8e845365ea31e854a691dd77
SHA512

be297d83fda37d63ca95cf5b067c09921e4daa0daee3ba5172337844ce8bfb23f49f1f4b4b91c11fd39cf9fbdfd3590db9e226c8345373f418b1b320174ad797
SSDEEP

12288:7BIGdm4evANpUu8t65mKj6RZL3vKEy009WmzXljr5gvjPFy1x8:7BJevAN2vt6Dj6HvU9fTljVgvjPa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf066a4a249db3eaaa0923385c3a76c_JaffaCakes118

Files

fbf066a4a249db3eaaa0923385c3a76c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f66d09142f65c6863aef2f588503b7c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\suoqc

Imports

comdlg32

ChooseFontA
GetOpenFileNameW
FindTextA
PageSetupDlgA

kernel32

GlobalReAlloc
CreateMutexA
CloseHandle
VirtualQuery
GetStringTypeW
DebugActiveProcess
ExpandEnvironmentStringsW
CreatePipe
GetVersionExA
WriteProfileSectionW
HeapReAlloc
LockResource
GetACP
OpenMutexW
SetConsoleActiveScreenBuffer
EnumTimeFormatsW
GetConsoleOutputCP
HeapDestroy
ReleaseMutex
GetStringTypeA
WideCharToMultiByte
HeapAlloc
IsValidCodePage
GetCurrentThread
FreeEnvironmentStringsW
GetEnvironmentStrings
LockFileEx
RtlUnwind
GetTickCount
HeapCreate
EnumCalendarInfoW
SetFilePointer
GetLongPathNameA
GetTimeFormatA
VirtualFree
GetMailslotInfo
GetCPInfo
GetConsoleMode
GetStringTypeExA
GetDiskFreeSpaceExA
FlushViewOfFile
GetUserDefaultLCID
InterlockedIncrement
EnumSystemCodePagesW
GetCommandLineA
GetProcAddress
MultiByteToWideChar
GetCurrentProcessId
IsDebuggerPresent
TlsGetValue
FreeLibrary
EnumResourceTypesA
GetTimeZoneInformation
SetStdHandle
lstrcpynA
GetFullPathNameA
LoadLibraryExW
GetCurrentThreadId
DeleteFileA
SetCurrentDirectoryW
GetCurrentProcess
SetEndOfFile
UnhandledExceptionFilter
SetConsoleCtrlHandler
SetHandleCount
SetVolumeLabelW
LCMapStringA
TlsFree
GetLocaleInfoA
GetLastError
QueryPerformanceCounter
FreeResource
TryEnterCriticalSection
FreeEnvironmentStringsA
ReadConsoleOutputCharacterW
GetDateFormatA
IsBadWritePtr
SetLastError
SetUnhandledExceptionFilter
CreateMailslotW
GetModuleHandleA
InterlockedDecrement
InterlockedExchange
CreateDirectoryExW
GetOEMCP
TlsSetValue
EnumSystemCodePagesA
ReadConsoleOutputA
WriteConsoleOutputAttribute
WriteConsoleA
SetEnvironmentVariableA
GetComputerNameW
InterlockedCompareExchange
GetFullPathNameW
GetConsoleCP
GetProcessHeap
GetFileType
InitializeCriticalSection
CompareStringW
GetConsoleTitleW
GetSystemDefaultLCID
IsBadReadPtr
EnumDateFormatsA
GetNamedPipeInfo
GetSystemTimeAdjustment
OpenMutexA
GetCalendarInfoA
CreateNamedPipeW
HeapFree
LeaveCriticalSection
GetNumberFormatA
FreeLibraryAndExitThread
ExitProcess
lstrcmpW
GetThreadTimes
GetCurrentDirectoryW
DeleteCriticalSection
FileTimeToLocalFileTime
EnumDateFormatsExA
GetModuleFileNameA
TlsAlloc
WriteConsoleW
FlushFileBuffers
GetStdHandle
GlobalFree
FindResourceA
HeapLock
EnterCriticalSection
CreateFileA
GetLocaleInfoW
SetLocalTime
EnumSystemLocalesA
ReadFile
GetEnvironmentVariableW
GetSystemTimeAsFileTime
CompareStringA
SetCurrentDirectoryA
LoadLibraryA
GetThreadSelectorEntry
AddAtomW
GetEnvironmentStringsW
HeapSize
IsValidLocale
LCMapStringW
GetProfileIntW
WriteFile
VirtualAlloc
GetStartupInfoA
Sleep
RtlMoveMemory
TerminateProcess

user32

GetClipboardFormatNameW
SendNotifyMessageA
GetMenuItemCount
DestroyAcceleratorTable
DdeDisconnect
DdeCmpStringHandles
OpenClipboard
DdeDisconnectList
AnimateWindow
IsIconic
SendMessageW
SetWindowTextW
SetUserObjectInformationA
ReuseDDElParam
FreeDDElParam
SendIMEMessageExA
IsChild
RegisterWindowMessageA
EnumDisplayDevicesA
SendInput
GetWindowLongW
DispatchMessageW
DestroyWindow
MenuItemFromPoint
DlgDirSelectComboBoxExA
OpenIcon
VkKeyScanExW
CheckMenuItem
SetDoubleClickTime
CharUpperBuffA
EnumWindowStationsW
SetDebugErrorLevel
EndTask
CreateWindowExA
EnumDesktopWindows
GrayStringA
WindowFromPoint
ActivateKeyboardLayout
CopyImage
DrawAnimatedRects
GetClipboardData
SetClipboardData
EndPaint
GetMessageTime
GetDC
DefDlgProcW
SwitchDesktop
RegisterClassExA
LockWindowUpdate
IsZoomed
IsCharLowerW
CreateIconFromResourceEx
SetMenu
GetKeyboardLayoutNameW
wsprintfW
FindWindowExW
GetWindowThreadProcessId
DialogBoxIndirectParamW
SetProcessDefaultLayout
BroadcastSystemMessageA
GetWindowWord
RemoveMenu
OemToCharBuffA
DestroyIcon
CheckDlgButton
IsWindowEnabled
GetKeyNameTextA
DrawFrameControl
GetOpenClipboardWindow
CreateDialogParamW
GetTabbedTextExtentA
GetClassLongW
DdeClientTransaction
BroadcastSystemMessage
DefWindowProcA
GetDlgItemInt
IsCharUpperA
GetAltTabInfo
MessageBoxW
CreateDialogParamA
InvertRect
MessageBoxExW
SendMessageTimeoutW
DdeAbandonTransaction
PostMessageW
RegisterClassA
DdeFreeDataHandle
SetSysColors
GrayStringW
ModifyMenuW
TileWindows
ShowWindow
GetPriorityClipboardFormat
DlgDirListComboBoxA
WinHelpW
InsertMenuItemA

comctl32

DrawStatusText
CreateStatusWindowW
ImageList_Destroy
InitCommonControlsEx
ImageList_DrawIndirect
GetEffectiveClientRect

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f66d09142f65c6863aef2f588503b7c8

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

comctl32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 254KB - Virtual size: 253KB

.data Size: 109KB - Virtual size: 113KB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 254KB - Virtual size: 253KB

.data
Size: 109KB - Virtual size: 113KB

.rsrc
Size: 38KB - Virtual size: 37KB