Static task: static1
Behavioral task: behavioral1
Sample: fafc2d852a2d92659b52db7c9d4e130a_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: fafc2d852a2d92659b52db7c9d4e130a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fafc2d852a2d92659b52db7c9d4e130a_JaffaCakes118
Size: 312KB
MD5: fafc2d852a2d92659b52db7c9d4e130a
SHA1: ba25517c8a3487cd581398aad76e9752e8f12f24
SHA256: e1e1914b36c52cefa6c531b47b34622480b65130971bb8fd3befc71c7b131a7d
SHA512: afe19478ab305828f8a2dacdfe5986812d87ac5fcb26c7ac2ef5dff16a2494d0aed2a9ee6b73433cf41342a483043a4ae42cccdd1b67f2f5da51f651496fc235
SSDEEP: 6144:L9Yw8f6o5QbJWIYafKrU8Sj9Xojg7+kI2w4iDJYE/AuPawbDDk:Lk+nfijg7+9NYYzDD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fafc2d852a2d92659b52db7c9d4e130a_JaffaCakes118
Files
fafc2d852a2d92659b52db7c9d4e130a_JaffaCakes118.exe windows:4 windows x86 arch:x86
2bde5e22752bfaba3ed38df774b83e9b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
GetUserNameA
LookupPrivilegeNameW
StartServiceW
RegRestoreKeyW
LookupAccountSidA
CreateServiceW
CryptDestroyKey
RegOpenKeyW
RegLoadKeyW
CryptEnumProviderTypesA
AbortSystemShutdownA
CryptDuplicateKey
CryptDeriveKey
CryptAcquireContextA
RegConnectRegistryW
RegQueryValueW
RegSaveKeyW
RegQueryValueExA
CryptEncrypt
CryptEnumProvidersW
RegReplaceKeyA
comctl32
InitCommonControlsEx
comdlg32
GetFileTitleA
PrintDlgA
PageSetupDlgW
ReplaceTextW
shell32
SHFreeNameMappings
ExtractIconW
ShellAboutW
SheChangeDirExW
user32
IsDialogMessageA
CharUpperW
ChangeDisplaySettingsA
SendDlgItemMessageW
SetDebugErrorLevel
SubtractRect
IsIconic
RegisterClipboardFormatA
SystemParametersInfoA
GetClassNameA
LoadAcceleratorsA
RegisterClassExA
VkKeyScanExW
RegisterClassA
InvalidateRect
DeleteMenu
DdeGetLastError
kernel32
GetStringTypeA
lstrlenA
CreateFileA
GetSystemTimeAsFileTime
OpenMutexA
LCMapStringA
TlsAlloc
IsValidCodePage
HeapDestroy
RtlUnwind
SetLastError
GetConsoleTitleA
GetWindowsDirectoryW
FindAtomA
GetProcessHeap
TlsSetValue
TerminateProcess
SetUnhandledExceptionFilter
WideCharToMultiByte
GetProcAddress
Sleep
GetCommandLineA
InterlockedDecrement
GetModuleFileNameA
FindClose
GetStringTypeW
EnterCriticalSection
GetConsoleCP
GetModuleHandleA
GetCurrentProcess
RemoveDirectoryA
LCMapStringW
MultiByteToWideChar
GetLastError
UnhandledExceptionFilter
LeaveCriticalSection
FindFirstFileA
SetHandleCount
InitializeCriticalSection
LoadLibraryA
GetPrivateProfileSectionNamesA
GetCurrentThread
CloseHandle
OpenFile
HeapSize
SetStdHandle
GetConsoleOutputCP
IsValidLocale
FreeEnvironmentStringsW
VirtualFree
HeapReAlloc
GetTickCount
GetEnvironmentStringsW
GetCPInfo
HeapCreate
ReadConsoleOutputCharacterW
lstrcpyA
CompareStringW
GetVersionExA
WaitNamedPipeW
WriteFile
GetFileType
HeapAlloc
GetACP
GetUserDefaultLCID
GetLongPathNameA
GetLocaleInfoA
ReadFile
EnumSystemLocalesA
IsDebuggerPresent
InterlockedIncrement
DeleteCriticalSection
GetCurrentThreadId
FreeEnvironmentStringsA
GetOEMCP
WriteConsoleA
SetEnvironmentVariableA
GetConsoleMode
GetEnvironmentStrings
HeapFree
TlsGetValue
GetTimeFormatA
GetShortPathNameA
CompareStringA
InterlockedExchange
GetStartupInfoA
GetProfileSectionA
SetConsoleCtrlHandler
GetPrivateProfileSectionNamesW
GetStdHandle
VirtualAlloc
GetDateFormatA
SetFilePointer
FindNextFileA
QueryPerformanceCounter
GetCurrentProcessId
ExitProcess
GetLocaleInfoW
TlsFree
CreateMutexA
FlushFileBuffers
VirtualQuery
WriteConsoleW
GetTimeZoneInformation
FreeLibrary
GetFullPathNameW
Sections
.text Size: 189KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ