fa0b50594b8354970c2b7347ddb7a8fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa0b50594b8354970c2b7347ddb7a8fc_JaffaCakes118
Size

132KB
MD5

fa0b50594b8354970c2b7347ddb7a8fc
SHA1

30b551add34d9c20383937c2bc18f46b34862864
SHA256

1828a9f98e0880ed27f9960f034cc5cb58f491a7ea2910c1bb182e165667e5ee
SHA512

9332a5fcade41cea254539b964d5840daed3e0e492fd6838cd252a5654700ff28f48eacdad4d65a7bf654e171bf8bbcd237689664c5233bf06ac62fd01dbb4a2
SSDEEP

3072:LpnmQz5IDrq5UwsHbong0Z1VoS6Wk0R3:IkIDrDTOpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0b50594b8354970c2b7347ddb7a8fc_JaffaCakes118

Files

fa0b50594b8354970c2b7347ddb7a8fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b322b8ac076901f8fd7be7fce12d8c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
WideCharToMultiByte
LoadLibraryA
MultiByteToWideChar
FreeLibrary
GetStdHandle
lstrcpyA
CreateProcessA
GetConsoleCP
SetEnvironmentVariableA
GetEnvironmentVariableA
lstrlenA
GetProcAddress
HeapDestroy
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
GetWindowsDirectoryA
IsDBCSLeadByte
FlushFileBuffers
SetEndOfFile
GetLastError
SetFilePointer
IsBadReadPtr
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
GetSystemDefaultLangID
GetPrivateProfileStringA
lstrcatA
lstrcpynA
lstrcmpiA
lstrcmpA
GetCurrentDirectoryA
GetVersionExA
GetVersion
GetFileAttributesA
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
CloseHandle
SetStdHandle
GetFileType
CreateFileA
ReadFile
WriteFile
IsBadCodePtr
GetDriveTypeA
InterlockedDecrement
InterlockedIncrement
HeapReAlloc
TerminateProcess
GetCurrentProcess
RtlUnwind
GetFullPathNameA
RaiseException
GetCPInfo
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetUnhandledExceptionFilter
GetOEMCP
LCMapStringA
LCMapStringW
HeapSize
GetStringTypeW
CompareStringA
CompareStringW
GetStringTypeA

user32

SetCursor
MessageBoxA
CharToOemA
LoadCursorA
LoadStringA
CharUpperA
CharLowerA
IsCharAlphaA
wsprintfA
CharNextA

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b322b8ac076901f8fd7be7fce12d8c6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 12KB - Virtual size: 24KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 12KB - Virtual size: 24KB