fd27825fe9a72c61e5d37649c0e90b67_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fd27825fe9a72c61e5d37649c0e90b67_JaffaCakes118
Size

439KB
MD5

fd27825fe9a72c61e5d37649c0e90b67
SHA1

6c24daaf6f5d6ddcefaec33c9b2fc42f844ce598
SHA256

1938cf8bac12c261889f9df057557c1907879d7f25317a0aa191064219e87535
SHA512

50dfad7b53c12569ad8d42b906a1b4d7ca243d30b43ec08c16093c887b3c9e9d6570218a7153b55dc138c2d69beac954025d8f91c0547455282ea61a841bd9b9
SSDEEP

12288:WRsm2RdaHqDJXSY4lGfw/XG8xaj4EEp0AwRJpAUOqdhFAD4aC/DRfB:OqNCKfgpMw0AwnuDqdhyD4aCLt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd27825fe9a72c61e5d37649c0e90b67_JaffaCakes118

Files

fd27825fe9a72c61e5d37649c0e90b67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddf518db2e5cb1c7d7e08ff2c52f6992

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetRgnBox
CreateFontA
SetStretchBltMode
SetTextAlign
GetPixelFormat
AddFontResourceW
GetMetaFileA
SetPolyFillMode
SetMapMode
PatBlt
CreateMetaFileA
SetMapperFlags
SetAbortProc
GetPixel

comdlg32

ChooseFontW
PrintDlgW
GetFileTitleA
GetSaveFileNameW
ReplaceTextA
LoadAlterBitmap
PageSetupDlgA

wininet

FtpOpenFileA
UnlockUrlCacheEntryFileW
InternetCreateUrlW
IsUrlCacheEntryExpiredA
FtpSetCurrentDirectoryW
FindFirstUrlCacheEntryExA
SetUrlCacheConfigInfoW
GetUrlCacheHeaderData
GetUrlCacheGroupAttributeW
InternetGetCookieA
InternetGetConnectedStateExW
FtpFindFirstFileW
InternetAutodialHangup
InternetAutodial
InternetCombineUrlA
InternetCanonicalizeUrlA
SetUrlCacheGroupAttributeW
FtpOpenFileW
DeleteIE3Cache
InternetShowSecurityInfoByURLW
GetUrlCacheEntryInfoExA
HttpEndRequestW
InternetGetConnectedStateEx

advapi32

RegEnumValueA
RegOpenKeyW
CryptSetProviderA
CryptGetDefaultProviderW
RegCreateKeyExW
LookupPrivilegeNameW
RegLoadKeyW
RegEnumKeyExA
LookupPrivilegeDisplayNameW
RegOpenKeyExA
LookupPrivilegeDisplayNameA
RegSaveKeyW
RegEnumKeyW
RegNotifyChangeKeyValue
CryptGenRandom
LookupAccountNameW
CryptEnumProviderTypesA
RegSetValueA
RegQueryValueA
RegQueryValueExA
CryptContextAddRef
LookupAccountSidW
RegEnumValueW
RegQueryMultipleValuesA
LookupSecurityDescriptorPartsW

kernel32

lstrcmpiW
WriteFileEx
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
QueryPerformanceCounter
MapViewOfFileEx
GetCurrentProcess
EnumResourceNamesW
GetTickCount
GetModuleFileNameA
HeapFree
LocalShrink
LoadLibraryA
WaitForSingleObject
InterlockedExchange
SetLastError
TerminateProcess
GetSystemDefaultLangID
SetComputerNameA
VirtualAlloc
VirtualQuery
GetCurrentThreadId
HeapReAlloc
GetCurrentProcessId
RtlUnwind
GetProcAddress
GetModuleHandleA

user32

SetWindowRgn
TranslateAccelerator
DlgDirSelectExA
GetCaretBlinkTime
DrawStateA
PostThreadMessageA
VkKeyScanExA
SetRectEmpty
MessageBoxA
SetProcessDefaultLayout

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddf518db2e5cb1c7d7e08ff2c52f6992

Headers

File Characteristics

Imports

gdi32

comdlg32

wininet

advapi32

kernel32

user32

Sections

.text Size: 155KB - Virtual size: 155KB

.data Size: 266KB - Virtual size: 265KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 155KB - Virtual size: 155KB

.data
Size: 266KB - Virtual size: 265KB

.rsrc
Size: 16KB - Virtual size: 16KB