Static task
static1
Behavioral task
behavioral1
Sample
fb1ae7e2ac6651baa3841bf58be0f17b_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
fb1ae7e2ac6651baa3841bf58be0f17b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fb1ae7e2ac6651baa3841bf58be0f17b_JaffaCakes118
Size
150KB
MD5
fb1ae7e2ac6651baa3841bf58be0f17b
SHA1
aa5a25940f6d0e0429888395786dfce3ac549571
SHA256
7e489dc29731688efe458c4d754f7f81bc82e6d38f633b72e8a4968a36c2c510
SHA512
3d509b9dd1e5a1390e8d98dbc16a057bbf8818b08612bb9f8ff2ab579c7e09ccff01a7b0a3b8602fe1059a77fd043881e63db1b9aa314173a4e1dd7c69e9c804
SSDEEP
3072:9MLjMBepPDDwi1belg1qB5ksuILJjc6JXyk+BT+XGJmJ:8VpPnF5kN5JSBqXGE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fb1ae7e2ac6651baa3841bf58be0f17b_JaffaCakes118
Files
fb1ae7e2ac6651baa3841bf58be0f17b_JaffaCakes118.exe windows:5 windows x86 arch:x86
f9d66bb0aa19385b51873f506b10284e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDiskFreeSpaceExW
lstrlenW
lstrcmpiW
LocalAlloc
FindFirstFileW
FlushFileBuffers
HeapAlloc
WaitForSingleObject
QueryPerformanceCounter
SetLastError
LocalFree
UnhandledExceptionFilter
SetCurrentDirectoryW
GetLogicalDriveStringsW
HeapFree
GetProcessHeap
GlobalAlloc
GetWindowsDirectoryW
QueryDosDeviceW
lstrcmpW
CreateMutexW
WriteFile
InterlockedDecrement
CopyFileW
CloseHandle
FreeLibrary
MultiByteToWideChar
FindClose
GetCommandLineW
GetFileAttributesW
WideCharToMultiByte
GetDriveTypeW
GetTimeFormatW
GetCPInfoExA
ReleaseMutex
SetFilePointer
GetCurrentThreadId
GetPrivateProfileIntW
GetSystemTimeAsFileTime
OpenMutexW
IsValidLocale
GetTickCount
ReadFile
SetUnhandledExceptionFilter
GetCurrentProcess
lstrlenA
SetThreadPriorityBoost
GetModuleFileNameW
LoadLibraryA
LoadLibraryW
GetPrivateProfileStringW
DeleteFileW
GetTempPathW
ExpandEnvironmentStringsW
GetStartupInfoA
GetExitCodeProcess
DeviceIoControl
GetModuleHandleA
GetPrivateProfileSectionW
GetVersionExA
CreateFileW
LocalReAlloc
InterlockedIncrement
GetFullPathNameW
FindNextFileW
GlobalFree
InterlockedExchange
OpenEventW
Sleep
RaiseException
GetCurrentProcessId
GetSystemDirectoryW
CreateDirectoryW
CreateProcessW
GetVolumeInformationW
GetProcAddress
GetCurrentDirectoryW
TerminateProcess
FormatMessageW
GetDateFormatW
shlwapi
StrCmpLogicalW
PathIsRelativeW
PathIsNetworkPathA
shell32
SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA
comctl32
PropertySheetA
user32
IsRectEmpty
SetFocus
SetForegroundWindow
GetWindowDC
GetWindowInfo
oleaut32
SysAllocStringLen
VariantCopyInd
VariantClear
SysStringLen
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text1 Size: 133KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ