fc0d73956f9065a6766e051ee79afe92_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc0d73956f9065a6766e051ee79afe92_JaffaCakes118
Size

104KB
MD5

fc0d73956f9065a6766e051ee79afe92
SHA1

c813b107627dd37b92b6ac9f65dc9037437a1c2f
SHA256

d075b5f98414b6ff7ef52e1d1aacd051b931b2a2572dfd8326ffd2b5edc5933f
SHA512

a83b270aea039d5106638903b007e1ea18526d4b8ae72fdb2dcb792d28d81113490a8f62ebd734125b229c1e3cf2708091a5413402a1dcf4a50d08efaa3d92c9
SSDEEP

3072:CjjonaqISR/8GTW68uLMLHM0WxvWOxwJpjLXT8lH:CPonaqr/9W6fLMLH4YOxUpjLXT8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc0d73956f9065a6766e051ee79afe92_JaffaCakes118

Files

fc0d73956f9065a6766e051ee79afe92_JaffaCakes118
.dll windows:4 windows x86 arch:x86

24b512bef78941f68540afc3994604cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
ExpandEnvironmentStringsW
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
GetSystemTime
FormatMessageW
RaiseException
SetThreadPriority
lstrlenW
MultiByteToWideChar
CreateEventA
SetEvent
GetCurrentThread
GetEnvironmentVariableW
CreateFileW
CloseHandle
VirtualAlloc
GetProcessHeap
VirtualFree
WriteFile
CreateDirectoryW
DeleteFileW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
GetCurrentProcess
ReadFile
LoadLibraryA
lstrcmpA
LocalFree
lstrcpyA
LocalAlloc
lstrlenA
FreeLibrary
GetLocaleInfoA
ExitProcess
GetModuleHandleA
GetStartupInfoA
WinExec
VirtualProtect
lstrcpynA
GetProcAddress
GetCommandLineA

user32

DrawTextA
GetSysColor
SystemParametersInfoA
wsprintfA
MapWindowPoints
DestroyIcon
GetKeyboardLayout
LoadBitmapA
DrawFocusRect
GetWindowDC
CheckMenuItem
GetParent
GetClientRect
GetLastActivePopup
SetForegroundWindow
CreatePopupMenu
InsertMenuA
SetActiveWindow
CreateIconIndirect
CreateWindowExA
ShowWindow
LoadStringA
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassExA
TranslateMessage
DispatchMessageA
WinHelpA
GetKeyboardLayoutList
GetMessageA
GetClassNameA
FindWindowA
EnumChildWindows
GetDC
ReleaseDC
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
PostMessageA
DestroyWindow
IsWindow
GetSystemMetrics
wsprintfW
TrackPopupMenuEx

advapi32

RegDeleteValueW
RegQueryValueExA
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
CloseServiceHandle
RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegQueryValueExW
RegisterEventSourceA
ReportEventW
ReportEventA
DeregisterEventSource
RegNotifyChangeKeyValue
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
LookupAccountNameW
LsaClose
LsaAddAccountRights
RegOpenKeyA

gdi32

CreateFontIndirectA
GetObjectA
BitBlt
GetTextExtentPointA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
PatBlt
SelectObject
DeleteDC
DeleteObject
GetTextCharsetInfo
TranslateCharsetInfo

ole32

CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc

rpcrt4

UuidToStringA
UuidCreate
RpcBindingFree
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrFreeBuffer
NdrConvert
NdrSendReceive
NdrConformantStringMarshall
NdrGetBuffer
NdrConformantStringBufferSize
NdrClientInitializeNew
RpcRaiseException
NdrPointerUnmarshall
RpcStringFreeA

msvcrt

memmove
qsort
_local_unwind2
bsearch
_ultoa
_itoa
_ultow
strtol
isxdigit
_beginthreadex
rand
_errno
_wcsicmp
wcslen
wcstol
calloc
wcsncpy
wcscat
wcsncat
wcstok
wcsstr
wcscpy
_itow
_except_handler3
free
malloc
wcsncmp
_initterm
_adjust_fdiv
memset

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24b512bef78941f68540afc3994604cb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 36KB - Virtual size: 69KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 36KB - Virtual size: 69KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 3KB