fcb44abad3fb582fd7f76e7ee56e014d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fcb44abad3fb582fd7f76e7ee56e014d_JaffaCakes118
Size

445KB
MD5

fcb44abad3fb582fd7f76e7ee56e014d
SHA1

bdff2ef72d26e5552b454b6f459e693c2d4652ec
SHA256

00fb9c13078a9630fbdcbf123e3e4a5b530fc5409d6b1877c8240bc4fcf01498
SHA512

88e9d68c72bb92467a6b4f9171606a54e0cdf875d3c67a0b55707addc9acc560d5f9fb7cc2486674f99d4c77be0e87d59014f297225fb4def2a21b246b202fa8
SSDEEP

12288:NH0d7YMRbbfnv+08kEWrey8BdBmiPasbZfnR:Sd759qoTSBmiPasb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcb44abad3fb582fd7f76e7ee56e014d_JaffaCakes118

Files

fcb44abad3fb582fd7f76e7ee56e014d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e996d1d59cb37ec0a3950c432524b8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSetProviderW
LookupPrivilegeDisplayNameW
InitiateSystemShutdownA
LookupPrivilegeValueW
RegSaveKeyW
RegDeleteKeyA

gdi32

PolyPolyline
SetMagicColors
DPtoLP
GetClipBox
GetKerningPairsA
GetRegionData
SetDIBitsToDevice
GetPaletteEntries
PlgBlt
SetColorAdjustment

comdlg32

ChooseColorA
ChooseColorW
PageSetupDlgA
FindTextA
LoadAlterBitmap

wininet

InternetOpenW
HttpQueryInfoA
HttpSendRequestW
InternetSetOptionExA
DeleteUrlCacheContainerW
GetUrlCacheEntryInfoW
SetUrlCacheConfigInfoA
IsUrlCacheEntryExpiredA
GetUrlCacheEntryInfoExW
InternetCloseHandle
GetUrlCacheHeaderData

kernel32

SetUnhandledExceptionFilter
GetCommandLineA
GetVersionExA
GetLocaleInfoW
HeapReAlloc
GetCurrentThreadId
DeleteCriticalSection
GetACP
GetTimeZoneInformation
CompareStringA
TlsAlloc
LoadLibraryA
WriteFile
HeapSize
GetTickCount
GetUserDefaultLCID
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
GetModuleHandleA
GetModuleFileNameA
GetDateFormatA
EnterCriticalSection
GetCurrentProcessId
FreeLibrary
DebugActiveProcess
GetCurrentThread
GetCurrentProcess
LeaveCriticalSection
GetStringTypeA
HeapFree
SetHandleCount
LCMapStringA
ExitProcess
GetLocaleInfoA
Sleep
FreeEnvironmentStringsA
GetEnvironmentStringsW
SetEnvironmentVariableA
HeapCreate
GetOEMCP
InterlockedIncrement
SetConsoleCtrlHandler
TlsGetValue
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoA
TlsSetValue
GetProcAddress
VirtualQuery
InterlockedDecrement
InitializeCriticalSection
FreeEnvironmentStringsW
GetFileType
TerminateProcess
GetEnvironmentStrings
GetLastError
InterlockedExchange
HeapAlloc
QueryPerformanceCounter
GetStringTypeW
EnumSystemLocalesA
FindFirstFileExW
LCMapStringW
VirtualAlloc
GetNamedPipeHandleStateW
IsValidLocale
TlsFree
GetStdHandle
IsValidCodePage
UnhandledExceptionFilter
IsDebuggerPresent
SleepEx
VirtualFree
CompareStringW
GetTimeFormatA
GetProcessHeap
SetLastError
HeapDestroy

shell32

ExtractAssociatedIconA
SHInvokePrinterCommandA
FreeIconList
ExtractIconA
SHAppBarMessage
FindExecutableA
SheSetCurDrive
SHChangeNotify
SHGetFileInfo
ShellExecuteW

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e996d1d59cb37ec0a3950c432524b8c

Headers

File Characteristics

Imports

advapi32

gdi32

comdlg32

wininet

kernel32

shell32

Sections

.text Size: 160KB - Virtual size: 159KB

.data Size: 276KB - Virtual size: 281KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 160KB - Virtual size: 159KB

.data
Size: 276KB - Virtual size: 281KB

.rsrc
Size: 8KB - Virtual size: 7KB