fb118dd515be03724bd10870230ed2c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb118dd515be03724bd10870230ed2c8_JaffaCakes118
Size

2.1MB
MD5

fb118dd515be03724bd10870230ed2c8
SHA1

e3bb7ccf610bd1e664e4a5cb0a6e6362a52fade2
SHA256

b70522c1a8d92b2f6d898d55a73ad54c70b819902f0a3199f5687a3bacd6071e
SHA512

6844591ecb4d8d7d251f3b353e8a0c0c0f5e7d64eb65aac3958a92af244e1232e9e1bdf3ee9da9712bf11dfd6a58de9fc038938a1f4cef44c0c6e6e32469ec90
SSDEEP

24576:oWAffM4M4XJJzBcvqYMjf4phjByiJ2VqOEKODVs:obcYfzaNfO8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb118dd515be03724bd10870230ed2c8_JaffaCakes118

Files

fb118dd515be03724bd10870230ed2c8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9051e6955625037578125a2c53951ac7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
WritePrivateProfileStructW
CreateFileW
DeleteFileW
GetLocaleInfoW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
OutputDebugStringW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsProcessorFeaturePresent
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CloseHandle
SetFilePointer
WriteFile
IsDebuggerPresent
VirtualAlloc
GetStringTypeW
GlobalAlloc
TerminateProcess
GetCurrentProcess
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
WriteConsoleW

user32

DrawFrameControl
DdeInitializeW
CopyIcon
GetWindowLongW
UnionRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MessageBeep
MessageBoxW
GetScrollPos
ValidateRect
GetWindowDC
SetActiveWindow
DragDetect
SetMenuDefaultItem
GetMenuInfo
TrackPopupMenu
DestroyMenu
CreatePopupMenu
IsWindowEnabled
SetTimer
CharNextW
CheckRadioButton
DialogBoxParamW
UnregisterClassW
GetDoubleClickTime
GetMessageW

mprapi

MprConfigTransportCreate
MprConfigInterfaceTransportAdd
MprConfigInterfaceGetInfo
MprConfigInterfaceGetHandle
MprConfigTransportGetInfo
MprConfigTransportDelete
MprConfigServerDisconnect

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyExW
RegCloseKey
OpenSCManagerW

userenv

LoadUserProfileW

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 725KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7osbh
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m1tmh
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dc2h7
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9051e6955625037578125a2c53951ac7

Headers

File Characteristics

Imports

kernel32

user32

mprapi

advapi32

userenv

Sections

.text Size: 82KB - Virtual size: 81KB

.data Size: 725KB - Virtual size: 6.9MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.7osbh Size: 572KB - Virtual size: 571KB

.m1tmh Size: 261KB - Virtual size: 260KB

.dc2h7 Size: 107KB - Virtual size: 106KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 82KB - Virtual size: 81KB

.data
Size: 725KB - Virtual size: 6.9MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.7osbh
Size: 572KB - Virtual size: 571KB

.m1tmh
Size: 261KB - Virtual size: 260KB

.dc2h7
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 362KB - Virtual size: 362KB