fc895b0a02e94ee800fea9d5ce530aee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc895b0a02e94ee800fea9d5ce530aee_JaffaCakes118
Size

41KB
MD5

fc895b0a02e94ee800fea9d5ce530aee
SHA1

82e5b9989da4e4c60dc0393d20d3577a058fbf2a
SHA256

2290a9c4655d51ffd398a03da6256d6e845c2816e0cc7c2606678b1f882317ea
SHA512

13a8dda3865ebcce63589d3b82309235a94aaac4bb8b03395f6b1773eea96e660054ee7e849c5b8eb704846c4fadf62a56dd0ef46326ee137325ce69d6b75f83
SSDEEP

768:rddLGBrfVNEgM21casgtoW+xnE4/8sHvOcQV7PKCe:Tiu+scGxnaQOcQVWCe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc895b0a02e94ee800fea9d5ce530aee_JaffaCakes118

Files

fc895b0a02e94ee800fea9d5ce530aee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dcc91b19ba1536ce3ed6f9461522db98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
SendMessageA

msvcr90

exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
_ismbblead
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
strstr
strcpy
strcat
strrchr
strcmp
??_V@YAXPAX@Z
??_U@YAPAXI@Z
strlen
malloc
free
realloc
memset
_CxxThrowException
memcpy
??2@YAPAXI@Z
__CxxFrameHandler3
??3@YAXPAX@Z
__set_app_type
_stricmp

mfc90

ord4160
ord6784
ord1644
ord2368
ord2375
ord2625
ord2607
ord2605
ord2623
ord2635
ord2612
ord2628
ord2633
ord2616
ord2618
ord2620
ord2614
ord2630
ord2610
ord969
ord965
ord967
ord963
ord958
ord5666
ord5668
ord6446
ord1729
ord4683
ord5139
ord3732
ord1384
ord2369
ord5640
ord4589
ord6780
ord5497
ord2070
ord5581
ord4650
ord1497
ord4330
ord1752
ord1755
ord6391
ord3346
ord1684
ord4416
ord2645
ord2646
ord3278
ord5786
ord979
ord6361
ord3222
ord6359
ord3221
ord5323
ord3225
ord4539
ord5436
ord5432
ord2855
ord2079
ord2445
ord5339
ord4970
ord1700
ord5389
ord670
ord776
ord5601
ord1097
ord3371
ord3730
ord4513
ord3932
ord4027
ord4880
ord4881
ord4679
ord2139
ord1445
ord3218
ord6356
ord3670
ord4688
ord5647
ord2074
ord5584
ord4331
ord4364
ord5279
ord5282
ord4786
ord4791
ord4788
ord4806
ord4808
ord4793
ord5195
ord4585
ord4576
ord5403
ord5209
ord4851
ord6782
ord3655
ord3274
ord5606
ord5005
ord4794
ord5199
ord4608
ord4850
ord621
ord2232
ord3842
ord4000
ord778
ord585
ord576
ord451
ord4673
ord4684
ord5641
ord2071
ord4417
ord2647
ord978
ord6362
ord6360
ord3224
ord4717
ord5437
ord5434
ord2080
ord1734
ord4112
ord787
ord2189
ord2341
ord2340
ord6318
ord4706
ord4437
ord5602
ord3792
ord3991
ord388
ord4670
ord4891
ord3110
ord6533
ord6419
ord3030
ord3331
ord4627
ord2090
ord5156
ord5270
ord4663
ord5928
ord3004
ord5844
ord1466
ord6027
ord5589
ord2239
ord2204
ord6742
ord2862
ord2854
ord4979
ord650
ord5122
ord3832
ord3998
ord4645
ord2281
ord3555
ord3245
ord5600
ord4252
ord6355
ord3217
ord1446
ord2138
ord1792
ord1791
ord1728
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4671
ord450
ord575
ord3999
ord3841
ord349
ord3671
ord5433

kernel32

GetProcessHeap
VirtualProtect
VirtualFree
LoadLibraryA
CreateFileA
Sleep
lstrcpyA
CreateThread
lstrlenA
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
HeapFree
GetProcAddress

imagehlp

MakeSureDirectoryPathExists

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcc91b19ba1536ce3ed6f9461522db98

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcr90

mfc90

kernel32

imagehlp

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB