fc10d546adf255bc5b368224e4cbf384_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc10d546adf255bc5b368224e4cbf384_JaffaCakes118
Size

519KB
MD5

fc10d546adf255bc5b368224e4cbf384
SHA1

0323a0d6ba10772f2ed3b34c8f28e798c6b54ab9
SHA256

e6a0813c8416d86b98106f33f91c359807fd93ad1eb049611837edd3ce1a9e84
SHA512

81244d4e87faa86763995a35bac66f2555ba405b362b39f5650c8ae7e639b1454ce7a1482bd262a886855deb5c303371f7a5ad8940f2b21828031c5ba14dfa61
SSDEEP

12288:x5pIdAyDwU1+VIP+wdGUrhEk41LAc/poZsoZGNk0P:I91+Vi8UrhEBhAAZfGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc10d546adf255bc5b368224e4cbf384_JaffaCakes118

Files

fc10d546adf255bc5b368224e4cbf384_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97b0f14ed38bb6d5d0b0c0100a8f480b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

RegisterClassA
RegisterWindowMessageW
GetClipboardData
MapWindowPoints
RegisterClassExA
EqualRect
RemoveMenu
SetScrollRange
GetClientRect
GetMenuCheckMarkDimensions
EnumDesktopsA
SetClipboardViewer
OpenDesktopW
GetWindowContextHelpId
UnregisterClassA
GetActiveWindow
OemToCharBuffW
GetDoubleClickTime

advapi32

DuplicateToken
CreateServiceA
RegCloseKey
RegEnumKeyExW
CryptHashSessionKey
CryptGetProvParam
RegSetKeySecurity
LookupAccountSidW
RegQueryValueExW
RegCreateKeyW
CryptDestroyKey
LookupAccountNameW
CryptVerifySignatureA
RegSetValueExW
RegOpenKeyExA
RegNotifyChangeKeyValue

comdlg32

GetSaveFileNameW
FindTextW
GetOpenFileNameW
LoadAlterBitmap

kernel32

GetCommandLineA
GetSystemTimeAsFileTime
GetStartupInfoA
HeapCreate
InterlockedDecrement
GetVolumeInformationW
CompareStringW
GetStartupInfoW
GetCurrentProcessId
SetFilePointer
GetModuleHandleA
TlsFree
QueryPerformanceCounter
GetEnvironmentStrings
ExitProcess
EnumResourceTypesW
LeaveCriticalSection
SetEnvironmentVariableA
RtlUnwind
TlsSetValue
TerminateProcess
SetStdHandle
DeleteCriticalSection
WriteFile
CreateMailslotA
VirtualQuery
GetProcessAffinityMask
SetUnhandledExceptionFilter
HeapDestroy
GetCurrentThread
InitializeCriticalSection
GetTimeZoneInformation
WriteFileEx
SetLastError
GetDriveTypeW
VirtualProtect
ReadFile
IsBadWritePtr
LoadLibraryA
MultiByteToWideChar
GetProcAddress
GetCurrentProcess
WideCharToMultiByte
WriteProfileStringA
CreateMutexA
GetVersion
OpenMutexA
TlsAlloc
lstrcpynA
GetCommandLineW
UnhandledExceptionFilter
GetFileType
CompareStringA
TlsGetValue
CreateFileMappingW
WriteConsoleOutputAttribute
SetCurrentDirectoryA
lstrlenA
GetShortPathNameW
FlushInstructionCache
InterlockedIncrement
HeapReAlloc
FreeEnvironmentStringsW
FlushFileBuffers
GetSystemTime
GetTickCount
GetStdHandle
GetStringTypeA
GetEnvironmentStringsW
InterlockedExchange
VirtualFree
GetModuleFileNameW
EnterCriticalSection
HeapFree
HeapAlloc
CloseHandle
LCMapStringW
GetCurrencyFormatW
OpenWaitableTimerW
LCMapStringA
GetLastError
GetCPInfo
GetLocalTime
FreeEnvironmentStringsA
GetStringTypeW
SetHandleCount
GetCurrentThreadId
VirtualAlloc
EnumResourceTypesA
lstrcpyW
FileTimeToDosDateTime
GetModuleFileNameA

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97b0f14ed38bb6d5d0b0c0100a8f480b

Headers

File Characteristics

Imports

comctl32

user32

advapi32

comdlg32

kernel32

Sections

.text Size: 193KB - Virtual size: 192KB

.rdata Size: 5KB - Virtual size: 21KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 193KB - Virtual size: 192KB

.rdata
Size: 5KB - Virtual size: 21KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 5KB - Virtual size: 5KB