fa0a29177e95dea9df60d02a165a3eae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa0a29177e95dea9df60d02a165a3eae_JaffaCakes118
Size

256KB
MD5

fa0a29177e95dea9df60d02a165a3eae
SHA1

dd60533706dd52bed6b2ecdd9054b9c5e9c3ff15
SHA256

3770413dfad0ee391afcf832ed2d7cea762ac74249eb3aa50e051ecfc252dc40
SHA512

20323f97facefed959ccd268ba66fb79d137ea053dbb5276a439b64255e348f8211f624406c88765828562cddb9a8cc5331335c419b344e4027ab72e6913a5c3
SSDEEP

3072:ZKlL9p1ocmXR8tkKjwf5MYFiarDHF10S/KXWzx5ybIKIGICJkb+uVbJzle8U:ZKlLkXRRcBaIxm15ybiEg+QO8U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0a29177e95dea9df60d02a165a3eae_JaffaCakes118

Files

fa0a29177e95dea9df60d02a165a3eae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8dc32ea8eebafc13702945794d3ea1df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
SetFilePointer
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
GetLocaleInfoA
HeapSize
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
CreateThread
GetModuleHandleA
LockResource
LoadLibraryA
GetProcAddress
GetLastError
GlobalUnlock
SizeofResource
Sleep
LoadLibraryW
GlobalAlloc
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
HeapReAlloc
VirtualAlloc
EnumTimeFormatsA
GlobalLock
LoadLibraryExW
LoadResource
FindResourceExW
FreeResource
FindResourceA
DeleteCriticalSection
VirtualFree
HeapCreate
RtlUnwind
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException

user32

GetWindowRect
EndDialog
GetDlgItem
CreateAcceleratorTableA
MessageBoxA
GetWindowTextA
SetDlgItemInt
GetDC
BeginPaint
SendMessageA
GetWindowTextLengthA
GetClientRect
GetWindowThreadProcessId
LookupIconIdFromDirectory
DestroyIcon
LoadIconA
GetFocus
SystemParametersInfoA
IsDlgButtonChecked
GetSysColorBrush
CheckDlgButton
CreateIconFromResource
GetDlgItemInt

gdi32

CreateFontA
GetDeviceCaps
GdiSetBatchLimit
EndDoc
TextOutA

comdlg32

CommDlgExtendedError
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetMalloc
SHCreateDirectoryExA
SHGetFolderPathA
SHGetDesktopFolder

ole32

CoInitialize
OleGetClipboard
ReleaseStgMedium

ws2_32

WSAStartup
accept
listen
WSASocketA
getsockopt
closesocket
__WSAFDIsSet
socket
bind
recv
WSACleanup
htons
WSAGetLastError
select

mpr

WNetGetUserW

shlwapi

PathFileExistsW
PathAppendA
PathIsRelativeW

comctl32

ord17
ImageList_Create
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_ReplaceIcon

activeds

ord9

pdh

PdhCloseLog
PdhCloseQuery

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dc32ea8eebafc13702945794d3ea1df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

mpr

shlwapi

comctl32

activeds

pdh

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 6KB - Virtual size: 12KB

.rsrc Size: 248KB - Virtual size: 248KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 6KB - Virtual size: 12KB

.rsrc
Size: 248KB - Virtual size: 248KB