fafafdcd202dd56e45c10ef873cb14c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fafafdcd202dd56e45c10ef873cb14c9_JaffaCakes118
Size

308KB
MD5

fafafdcd202dd56e45c10ef873cb14c9
SHA1

4410b335a9af741f4fc873d1c0b3afa4669b04c3
SHA256

912c9cd8b0a4da9b90809291f5e5e742a14df6ed611ceac59c7db08e430aacc4
SHA512

2858ac26d6810ac48af6421a5b4a96df799c35b662ab5f239e42ece13293ed81fd033f4c665faa0c2748998b9f235f1315297ee834a3c6caa8da7faeb5048191
SSDEEP

3072:HHSp+bIwClnUBL6Z4jdhq52st+pUerOc6Xq6kK3kbiBY4Z6ktDjm:Hk+bTClnUBL6Z4Lq52ZKnY4YuK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fafafdcd202dd56e45c10ef873cb14c9_JaffaCakes118

Files

fafafdcd202dd56e45c10ef873cb14c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a46a4da2db90aafedfa2c5b8f5dda6b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
FindNextFileA
FindClose
GetACP
GetVersionExA
DeviceIoControl
GetComputerNameA
GetTickCount
RemoveDirectoryA
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentProcess
GetComputerNameW
GetProcessHeap
GetLocaleInfoA
SetFileAttributesA
GetCurrentProcessId
FindFirstFileA
DeleteCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
HeapReAlloc
VirtualAlloc
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
VirtualFree
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RaiseException
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushFileBuffers
SetEndOfFile
CreateFileA
Sleep
TerminateProcess
GetVersion
DeleteFileA
SetFileTime
GetFileTime
GetSystemDirectoryA
ReadFile
GetFileSize
GetLastError
WriteFile
SetFilePointer
CloseHandle
WaitForSingleObject
CreateSemaphoreA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
GetSystemTimeAsFileTime
InitializeCriticalSection
HeapCreate
HeapFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
OutputDebugStringA
GetFileType

user32

LoadStringA
GetMessageA
TranslateMessage
wsprintfA
DispatchMessageA
GetForegroundWindow
GetKeyboardLayout
MapVirtualKeyExA
MapVirtualKeyA
EnumDisplaySettingsA
wsprintfW
GetKeyNameTextA

advapi32

GetUserNameA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString
SysAllocStringLen

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a46a4da2db90aafedfa2c5b8f5dda6b3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 124KB - Virtual size: 121KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 316B

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 124KB - Virtual size: 121KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 316B