fbea8d7e210e1a88840b4c4a329b7993_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbea8d7e210e1a88840b4c4a329b7993_JaffaCakes118
Size

202KB
MD5

fbea8d7e210e1a88840b4c4a329b7993
SHA1

3e24636061e10894056efb29b72b1968d4cddae5
SHA256

c991b59fb3434805e86d1972fbcddb18d070a2c6a70c8ed47a76b854242c4ef8
SHA512

6fff92ff7f8366042c3117e0a36d22fe53b7962f1213016bbb6fe07c63c9daa3aa2a5f6af873d9da64910122ea16337ccd95714a4d5fed31e1102185c4f05f39
SSDEEP

3072:tIawr0LJEv9g/T6K3HCtFpTIvTSS7HEx5ggThgWl6GpiVxCy4BL9Q:2aHtR/TFiNsvTZ7kx5/hgWl6Gpa4B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbea8d7e210e1a88840b4c4a329b7993_JaffaCakes118

Files

fbea8d7e210e1a88840b4c4a329b7993_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f027e99b80338e714e3a66c045cf02a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongW
CreateWindowExW
InvalidateRect
InvalidateRgn
IsRectEmpty
CharUpperW
WinHelpW
RemovePropW
SetRect
CopyAcceleratorTableW
GetPropW
GetClassInfoExW
SendDlgItemMessageA
SetPropW
RegisterWindowMessageW
GetNextDlgTabItem
CharNextW
MessageBeep
GetNextDlgGroupItem
DestroyMenu

ole32

StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
OleInitialize
OleFlushClipboard
CoTaskMemFree
OleIsCurrentClipboard
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoRevokeClassObject
CLSIDFromProgID
CoInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString

gdi32

RectVisible
GetDeviceCaps
Escape
GetMapMode
SetWindowExtEx
ScaleViewportExtEx
ExtTextOutW
GetBkColor
DeleteDC
OffsetViewportOrgEx
ScaleWindowExtEx
TextOutW
SetViewportOrgEx
GetStockObject
SelectObject
PtVisible
GetTextColor
ExtSelectClipRgn
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegQueryValueExW

kernel32

SetFilePointer
GetCalendarInfoW
FindNextFileW
SystemTimeToFileTime
WideCharToMultiByte
GetVersion
CreateFileW
DeleteFileW
ReadFile
MultiByteToWideChar
GetThreadContext
RemoveDirectoryW
GetCurrentProcessId
GetLocaleInfoW
EnumResourceNamesA
FindClose
GetCurrentDirectoryW
InterlockedDecrement
GetFileAttributesW
MoveFileW
LocalFileTimeToFileTime
ExitProcess
lstrcpyW
FindFirstFileW
LoadLibraryW
SetFileTime
WriteFile
GetSystemDefaultLangID
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
CreateDirectoryW
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathFileExistsW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f027e99b80338e714e3a66c045cf02a

Headers

File Characteristics

Imports

user32

ole32

gdi32

oleacc

advapi32

kernel32

shell32

shlwapi

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 84KB - Virtual size: 84KB

.edata Size: 1024B - Virtual size: 344KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 84KB - Virtual size: 84KB

.edata
Size: 1024B - Virtual size: 344KB