fee84a3e918c3cca39ffc118bf5590e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fee84a3e918c3cca39ffc118bf5590e3_JaffaCakes118
Size

320KB
MD5

fee84a3e918c3cca39ffc118bf5590e3
SHA1

de45b4e4885d2f85a0b584bdfeeb51eda4dd8ae2
SHA256

eb0cfa64be185bba99d30d1c965decfc330d8dca6c89f083a24b550e2c8b9203
SHA512

26d1deca007e21f828f3d9f4b80ad6fcc2ff11f92f3a133b8ebbaf7f893d36f384406659979b0452d807784b3273fd0a58c77d3d79e5c079c13117094e5305fa
SSDEEP

6144:Tjcd8YcU72998kF5YHvTD/mstQGE8xl0qHEDQD8yu:Ed3yxW3/msv9hu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fee84a3e918c3cca39ffc118bf5590e3_JaffaCakes118

Files

fee84a3e918c3cca39ffc118bf5590e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47dc889d2476b88bdc1d89a156a396bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderW

advapi32

EqualSid
AllocateAndInitializeSid
RegSetValueExW
RegQueryValueW
FreeSid

user32

GetWindowLongA
ShowWindow
DefWindowProcW
MessageBoxA
CreateWindowExW
MessageBoxW
ReleaseDC
RedrawWindow
SetTimer
LoadStringA
PostQuitMessage
SetWindowLongA
PostMessageW
CopyRect
IsWindow
FindWindowW
SendMessageW
InvalidateRect
LoadCursorW
RegisterClassExW
EndDialog
LoadStringW
GetClientRect
SetWindowPos
TranslateMessage
GetDlgItem
SystemParametersInfoW

kernel32

SetErrorMode
lstrlenW
LeaveCriticalSection
InitializeCriticalSection
lstrcatW
FindNextFileW
DeleteFileW
GetProcessHeap
FormatMessageW
LoadLibraryW
SetCurrentDirectoryW
FileTimeToLocalFileTime
lstrlenA
SetCommState
GetTempPathA
VirtualFree
HeapSize
ResetEvent
LoadLibraryExW
SetCommTimeouts
GetFileAttributesA
VirtualAlloc
HeapAlloc
EnterCriticalSection
SetFileAttributesW
IsDBCSLeadByte
GetVersionExW
GetEnvironmentVariableW
WriteFile
GetCurrentProcessId
GetVersionExA
FindFirstFileW
FileTimeToDosDateTime
GetSystemTimeAsFileTime
FindFirstFileA
RtlMoveMemory
OpenProcess
WaitForSingleObject
CloseHandle
GetModuleHandleA
LocalFree
HeapFree
GetModuleHandleW
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
CreateMutexW
HeapReAlloc
SetLastError
DebugBreak

setupapi

SetupOpenInfFileW
SetupOpenAppendInfFileW
SetupFindNextLine

shlwapi

StrCatW
PathIsRootW
PathAppendW
StrDupW
StrCmpIW

ole32

OleInitialize
CoInitialize
CLSIDFromString
OleUninitialize

msvcrt

wcsncpy
_controlfp
??2@YAPAXI@Z
_except_handler3
__set_app_type
_mbschr
iswspace
exit
_wcsicmp
wcscat
setlocale
__setusermatherr
wcslen
wcsncmp
_wtoi
__lconv_init
??3@YAXPAX@Z
__getmainargs

Sections

.text
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47dc889d2476b88bdc1d89a156a396bc

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

user32

kernel32

setupapi

shlwapi

ole32

msvcrt

Sections

.text Size: 263KB - Virtual size: 263KB

.data Size: 27KB - Virtual size: 27KB

.rsrc Size: 28KB - Virtual size: 708KB

.text
Size: 263KB - Virtual size: 263KB

.data
Size: 27KB - Virtual size: 27KB

.rsrc
Size: 28KB - Virtual size: 708KB