fc623964cc2e07e6ce5e5e5340cb5381_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc623964cc2e07e6ce5e5e5340cb5381_JaffaCakes118
Size

505KB
MD5

fc623964cc2e07e6ce5e5e5340cb5381
SHA1

68064bb8398dd94bfa45b3f45af283d17524f164
SHA256

42ee00e61cae9d31202ad51050ef18819b0f3a6e3e88271e0b473ee46389037d
SHA512

bfc0a276e904e9c7e24d5cf8e06a45d26ec03043f0db1bcb25ba33280983fe654af909d0cfc4bda89099c8bbd4742c4b37cffb4658e3c3b590bb4ea9f521b06f
SSDEEP

12288:LV93zScE1Kj0Ca2QhmDjo8s/3uHZnBvjQFyWlB:LBnQhmDj8/+HZvY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc623964cc2e07e6ce5e5e5340cb5381_JaffaCakes118

Files

fc623964cc2e07e6ce5e5e5340cb5381_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03cba8a4e9dc02f230f95401bbb7ae57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent
ord17

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
FlushInstructionCache
GetCurrentProcess
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
SetLastError
CreateDirectoryA
GetFileAttributesA
GetTempPathA
SetFileAttributesA
GlobalMemoryStatus
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
SystemTimeToFileTime
CompareFileTime
GetFileTime
GetSystemDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
ReadFile
GetACP
FlushFileBuffers
WriteFile
LockResource
FindResourceExA
SetFileTime
lstrcatA
Sleep
SetFilePointer
WinExec
GetWindowsDirectoryA
GetVersionExA
GlobalFree
GlobalHandle
QueryPerformanceCounter
GetCurrentProcessId
SetStdHandle
SetHandleCount
lstrcpyA
GetFileType
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapCreate
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
GetLocalTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetConsoleMode
GetConsoleCP
RtlUnwind
ExitProcess
VirtualQuery
GetSystemInfo
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleW
WriteConsoleA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentThreadId
lstrcpynA
lstrcmpiA
lstrlenA
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetModuleFileNameA
CopyFileA
DeleteFileA
FileTimeToSystemTime
GetModuleHandleA
GetTickCount
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
SetEndOfFile

user32

SetCursor
SetWindowContextHelpId
MapDialogRect
LoadIconA
EndDialog
DrawTextA
SystemParametersInfoA
MapWindowPoints
BringWindowToTop
GetWindowRect
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateAcceleratorTableA
RegisterClassExA
GetClassInfoExA
GetDesktopWindow
SetFocus
SetTimer
KillTimer
SetDlgItemTextA
AdjustWindowRectEx
MessageBoxA
CreateDialogParamA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
IsDialogMessageA
GetMessageA
GetActiveWindow
SendDlgItemMessageA
DestroyAcceleratorTable
BeginPaint
EndPaint
DestroyWindow
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
SetWindowPos
CallWindowProcA
GetSysColor
GetFocus
GetAsyncKeyState
GetKeyState
PostMessageA
MoveWindow
SendMessageA
GetWindow
GetClientRect
GetWindowLongA
SetWindowLongA
CharNextA
CreateWindowExA
ShowWindow
FindWindowA
LoadCursorA
RegisterClassA
PostThreadMessageA
LoadStringA
PeekMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostQuitMessage
IsWindow
UnregisterClassA

gdi32

SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
GetStockObject
SetTextColor
CreateFontIndirectA
TextOutA
DeleteObject

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
FreeSid
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteExA

ole32

OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleUninitialize
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
StringFromCLSID
CoUninitialize
CoInitialize
OleLockRunning

oleaut32

LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
DispCallFunc
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysStringLen
VarUI4FromStr
SysFreeString
LoadTypeLi

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03cba8a4e9dc02f230f95401bbb7ae57

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 32KB - Virtual size: 49KB

.rsrc Size: 32KB - Virtual size: 28KB

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 32KB - Virtual size: 49KB

.rsrc
Size: 32KB - Virtual size: 28KB

.rrdata
Size: 68KB - Virtual size: 68KB