fd97da7363573ffac6584193c095e9fa_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fd97da7363573ffac6584193c095e9fa_JaffaCakes118
Size

448KB
MD5

fd97da7363573ffac6584193c095e9fa
SHA1

d9995066471a8769f1ad65c5d097e10f10f1cdac
SHA256

8d516f34404d710b8f7ec85ba674932351cd9042034a943c5d4cbe48f64560df
SHA512

cbb0f3a4746e84c77392e09ab186362397947710ea0e824e7f6896c413de2e1843447665926b0fc9dfaf09fff6f586d77194e2f99014f3d2e3650c88f3f1e05f
SSDEEP

6144:NAzgrj8ATDQBClxdRVLc+LpfKoddmlhbdnTBcUZTZebX8usNN:T0xwxJNKOd6hbdnTB/ZebXdsN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd97da7363573ffac6584193c095e9fa_JaffaCakes118

Files

fd97da7363573ffac6584193c095e9fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5c133b8bb7c95abb2005bc3d599b49a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GetEnvironmentStringsW
FindAtomA
CreateEventW
GetACP
lstrcmpiW
HeapAlloc
SetUnhandledExceptionFilter
LCMapStringA
HeapCreate
MultiByteToWideChar
WideCharToMultiByte
LoadModule
HeapDestroy
VirtualFree
IsValidLocale
TlsGetValue
GetCurrentThread
GetDateFormatA
lstrcmpi
InterlockedIncrement
CompareStringA
GetEnvironmentStrings
CompareStringW
LoadLibraryExA
GetLocaleInfoA
LeaveCriticalSection
GetCommandLineA
GetProcAddress
CopyFileA
GetCPInfo
SetHandleCount
ReadConsoleOutputCharacterA
SetVolumeLabelW
CreateNamedPipeA
GetLocaleInfoW
VirtualQuery
GetUserDefaultLCID
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetExitCodeProcess
GetOEMCP
LCMapStringW
FreeLibrary
HeapReAlloc
GetTimeZoneInformation
ExitProcess
lstrcmpA
SetLocaleInfoW
VirtualAlloc
SetLastError
QueryPerformanceCounter
GetCurrentProcess
GetStringTypeA
GetModuleHandleA
EnumSystemLocalesA
GetStartupInfoA
GetStdHandle
GetCurrentThreadId
InterlockedDecrement
TlsAlloc
SetEndOfFile
FreeEnvironmentStringsA
GetCurrentProcessId
TlsSetValue
GetStringTypeW
FindFirstFileExA
UnhandledExceptionFilter
GetTickCount
GetLastError
GetComputerNameA
EnterCriticalSection
IsDebuggerPresent
HeapSize
RtlUnwind
DeleteCriticalSection
GetSystemTimeAsFileTime
InterlockedExchange
GetTimeFormatA
EnumTimeFormatsW
GetConsoleTitleA
FreeEnvironmentStringsW
TlsFree
GetFileType
GetModuleHandleW
HeapFree
TerminateProcess
LoadLibraryA
FlushInstructionCache
SetConsoleCtrlHandler
WriteFile
WritePrivateProfileStructW
GetModuleFileNameA
IsValidCodePage
CreateEventA
Sleep

comdlg32

GetFileTitleW
PageSetupDlgW
GetFileTitleA
GetOpenFileNameA
FindTextA
GetOpenFileNameW
PrintDlgW
ReplaceTextA
FindTextW
ChooseFontW
ChooseColorW
ReplaceTextW
GetSaveFileNameW
PageSetupDlgA
PrintDlgA

advapi32

RegQueryValueExA
CryptContextAddRef
CreateServiceW
RegQueryMultipleValuesW
CryptSignHashW
LookupPrivilegeNameA
RegQueryValueExW
DuplicateTokenEx
RegSetValueExW
RegCreateKeyA
CryptImportKey
CryptReleaseContext
AbortSystemShutdownA
LookupAccountSidW
RegEnumKeyExA
RegEnumKeyA
RegLoadKeyW
CryptGetDefaultProviderA
CryptDestroyHash
RegEnumKeyW

gdi32

GetPixelFormat
CreateRoundRectRgn

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5c133b8bb7c95abb2005bc3d599b49a

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

gdi32

Sections

.text Size: 163KB - Virtual size: 163KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 163KB - Virtual size: 163KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 8KB - Virtual size: 8KB