fc79ecfe47dccdb76953e51b4012f830_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc79ecfe47dccdb76953e51b4012f830_JaffaCakes118
Size

823KB
MD5

fc79ecfe47dccdb76953e51b4012f830
SHA1

fd0166ca6bb6bdc12443068b039ffc9303e6b10f
SHA256

1749f347fca1da8bd7a17ed42b6d4dcdb28b8c127824d22caf89717257919067
SHA512

86f3f603200dfbd99d8e11ef7427f8a437ad8049532a2b2dcd6ab0c2f976168440fdb1c92c7a7baddb6c29b3b80decb3996a2d2bcb432d03ce04c5b18b7c8552
SSDEEP

12288:BvSqjMCQJGHe+OOOz1ir9IZOcvF7+AKJmBfccUr0BMP6gxo:PnQJb+vqWcOcvJvfc2MP6v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc79ecfe47dccdb76953e51b4012f830_JaffaCakes118

Files

fc79ecfe47dccdb76953e51b4012f830_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b2b17a3508b03ad57c9e05b7fcb2242

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
MultiByteToWideChar
LoadLibraryA
HeapFree
HeapDestroy
Sleep
InterlockedDecrement
InterlockedDecrement
CreateThread
ReadFile
GetCurrentProcess
LocalFree
GetModuleHandleA
VirtualAlloc
VirtualAlloc
GetVersionExA
LocalFree
LocalFree
VirtualProtect
DeleteCriticalSection
GetProcessHeap
CreateFileW
VirtualAlloc
GetCurrentThreadId
CreateThread
GetLastError
SetLastError
GetModuleHandleW
InitializeCriticalSection
DisableThreadLibraryCalls
GetTickCount
GetModuleFileNameA
VirtualProtect
CloseHandle
Sleep
InterlockedIncrement
GetVersionExA
LeaveCriticalSection
GetProcessHeap
UnhandledExceptionFilter
GetVersionExA
QueryPerformanceCounter
lstrlenA
CloseHandle
GetVersionExA
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
MultiByteToWideChar
GetProcessHeap
HeapFree
GetModuleHandleW
GetModuleHandleW
GetProcAddress
Sleep
GetSystemTimeAsFileTime
GetCurrentThreadId
VirtualProtect
HeapDestroy
GetLastError
GetModuleFileNameA
LeaveCriticalSection
InterlockedExchange
VirtualProtect
InterlockedCompareExchange
InterlockedCompareExchange
HeapAlloc
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedIncrement
LoadLibraryW
GetCurrentProcessId
HeapFree
Sleep
QueryPerformanceCounter
LocalFree
LoadLibraryW
VirtualAlloc
GetCurrentProcess
Sleep
GetProcAddress
LocalFree
HeapFree
HeapFree
GetCurrentProcess
SetLastError
GetProcAddress
GetTickCount
CreateEventW
GetModuleHandleW
InitializeCriticalSection
HeapAlloc
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetVersionExA
GetSystemTimeAsFileTime
lstrcmpiW
UnhandledExceptionFilter
LeaveCriticalSection
GetProcessHeap
GetModuleHandleW
GetProcessHeap
CreateFileW
GetCurrentProcess
InterlockedIncrement
HeapAlloc
GetSystemTimeAsFileTime
GetTickCount

user32

MessageBoxW
SetWindowLongW
DestroyWindow
DispatchMessageW
SetTimer
IsWindow
InvalidateRect
GetDC
SetWindowPos
EnableWindow
KillTimer
TranslateMessage
LoadIconW
SetForegroundWindow
PostQuitMessage
DispatchMessageW
GetParent
BeginPaint
GetClientRect
SetCursor
EndDialog
SendDlgItemMessageW
SetTimer
DestroyWindow
LoadStringW
GetSysColor
KillTimer
TranslateMessage
EnableWindow
PostQuitMessage
EnableWindow
GetDlgItem
MessageBoxW
SetDlgItemTextW
IsWindow
SetForegroundWindow
MessageBoxW
SetDlgItemTextW
GetParent
CharNextW
SetWindowLongW
DefWindowProcW
EndDialog
GetWindowRect
SetFocus
GetWindowLongW
GetDC
BeginPaint
SetFocus
TranslateMessage
BeginPaint
GetDC
IsWindow
EndDialog
PeekMessageW
wsprintfA
BeginPaint
BeginPaint
EnableWindow
InvalidateRect
ReleaseDC
GetDC
CreateWindowExW
LoadCursorW
PeekMessageW
EnableWindow
BeginPaint
DialogBoxParamW
SetWindowLongW
EndDialog
DestroyWindow
PeekMessageW
DefWindowProcW
SetCursor
KillTimer
BeginPaint
ReleaseDC
GetWindowLongW
IsWindow
GetDesktopWindow
SetTimer
DestroyWindow
ShowWindow
BeginPaint
wsprintfA
SendMessageW
BeginPaint
GetDesktopWindow
ShowWindow
IsWindow
CreateWindowExW
GetClientRect
EndDialog
BeginPaint
SetWindowTextW
MessageBoxW
GetDC
wsprintfA
BeginPaint
DefWindowProcW

Sections

.text
Size: 734KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b2b17a3508b03ad57c9e05b7fcb2242

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 734KB - Virtual size: 992KB

.data Size: - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 734KB - Virtual size: 992KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 82KB - Virtual size: 84KB