fb1902212d9bb8ae80b11df7d204052a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb1902212d9bb8ae80b11df7d204052a_JaffaCakes118
Size

149KB
MD5

fb1902212d9bb8ae80b11df7d204052a
SHA1

e09b58f24abb5139606c4b6a506d175134460073
SHA256

d60ee85b8982c8f3c09ad53682ab9ec303310f961215b4a71b9fcb2495bfced2
SHA512

d99af346e55ed648aa06dfbba470ddff52f7d093533dfca4b0b1068ce223ce76364ae42adeef4a2198c66dd97d1f8ed4626eed01bfcb0ba009cb89814f2225cb
SSDEEP

3072:DFNXpnWsoKIQuhir4fkHIICw4E3J+q+JrflnD7CPwE2:DYvVPzE57uVnE2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb1902212d9bb8ae80b11df7d204052a_JaffaCakes118

Files

fb1902212d9bb8ae80b11df7d204052a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d31101394bc1c1ec2ab2f0a034bb4526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

send
htons
setsockopt
recv
socket
select
WSAGetLastError
shutdown
ioctlsocket
closesocket
WSACleanup
gethostbyname
connect
WSAStartup
gethostname
inet_addr

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

DeleteCriticalSection
GetPrivateProfileIntA
CreateThread
LeaveCriticalSection
EnterCriticalSection
TerminateThread
GetModuleFileNameA
GetTempPathA
GetModuleHandleA
GetCurrentDirectoryA
lstrlenA
GetLastError
DeleteFileA
ReleaseMutex
WaitForMultipleObjects
GetVersionExA
WriteFile
CopyFileA
GetUserDefaultLangID
GlobalFree
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
LocalFree
LocalAlloc
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
GetVersion
CreateEventA
GlobalMemoryStatus
CloseHandle
GetPrivateProfileStringA
CreateMutexA
GetTickCount
WaitForSingleObject
WinExec
SetEvent
CreateFileA
LoadLibraryA
ReadFile
SetFilePointer
GetFileSize
IsBadWritePtr
HeapCreate
HeapDestroy
VirtualFree
GetProcAddress
HeapSize
GetEnvironmentVariableA
TerminateProcess
VirtualAlloc
UnhandledExceptionFilter
GetCurrentProcess
GetOEMCP
GetACP
GetCPInfo
RemoveDirectoryA
CreateDirectoryA
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
GetStringTypeW
GetSystemTime
GetTimeZoneInformation
GetLocalTime
FreeEnvironmentStringsA
FreeEnvironmentStringsW
RtlUnwind
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStdHandle
GetFileType
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
MultiByteToWideChar
GetStringTypeA
HeapReAlloc

user32

RegisterClassExA
TranslateMessage
DispatchMessageA
LoadCursorA
GetClassInfoExA
LoadIconA
DialogBoxParamA
FindWindowA
SetForegroundWindow
MessageBoxA
GetDC
EndPaint
FillRect
GetWindowRect
GetClientRect
ScreenToClient
DefWindowProcA
SetWindowTextA
ShowWindow
IsRectEmpty
PostQuitMessage
IsWindow
IntersectRect
PtInRect
SendDlgItemMessageA
SendMessageA
DrawTextA
InvalidateRect
UpdateWindow
ReleaseDC
SetDlgItemTextA
KillTimer
SetTimer
TranslateAcceleratorA
EndDialog
GetSystemMetrics
PostMessageA
GetDlgItem
DestroyWindow
MessageBoxIndirectA
LoadAcceleratorsA
EnableWindow
GetMessageA
ChangeDisplaySettingsA
EnumDisplaySettingsA
UnionRect

gdi32

CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetMapMode
SetTextColor
SetBkColor
GetObjectA
SetBkMode
CreateFontIndirectA
DeleteDC
CreateDIBitmap
GetBkColor
CreateBitmap
DeleteObject
BitBlt

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteExA

ole32

CoCreateGuid

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d31101394bc1c1ec2ab2f0a034bb4526

Headers

File Characteristics

Imports

wsock32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 79KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 79KB

.rsrc
Size: 4KB - Virtual size: 3KB