fa185c3afa7dfe6ccccf6aa1af5e0720_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa185c3afa7dfe6ccccf6aa1af5e0720_JaffaCakes118
Size

56KB
MD5

fa185c3afa7dfe6ccccf6aa1af5e0720
SHA1

05af22f7235ebf007eb21cd3df57df89b570adc2
SHA256

a060ab55157161a82a2b97c9098262994e493241b9b598d5547730acf9c805f2
SHA512

e9f842983c24eab75332dd22466904a12915e95a83e91586b4e8968c958481ac6b6a93061c4ee1e3e52e96a6357b1b2b0dda2b8a902293ae56149bf77a29b533
SSDEEP

768:RHwIT7XyHl1d9ETgwdLmhzCccB794I+oQ4Q38:5yHlOd8qB7EoQ4E8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa185c3afa7dfe6ccccf6aa1af5e0720_JaffaCakes118

Files

fa185c3afa7dfe6ccccf6aa1af5e0720_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0f25918af5ca6cf78e6146e79062277

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
OpenProcess
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
lstrlenA
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
VirtualAllocEx
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapAlloc
HeapFree
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
LocalFree
WideCharToMultiByte
WriteProcessMemory
CreateRemoteThread
CloseHandle
WaitForSingleObject
GetLastError
ReadProcessMemory
VirtualFreeEx
GetExitCodeThread
HeapDestroy
GetStringTypeW

user32

ChildWindowFromPoint
MessageBoxA
ReleaseCapture
IsDlgButtonChecked
GetDlgItem
GetWindowTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
EndDialog
GetSystemMenu
DeleteMenu
LoadIconA
SendMessageTimeoutA
LoadCursorA
CheckDlgButton
GetSystemMetrics
GetWindowRect
SetWindowPos
GetSysColor
SendMessageA
SetCapture
SetCursor
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
GetClassNameA
ScreenToClient
GetParent
ChildWindowFromPointEx
GetWindow
PtInRect
GetWindowLongA
SetWindowTextA
FindWindowA
BringWindowToTop
ShowWindow
DialogBoxParamA
RegisterWindowMessageA

gdi32

SetTextColor
SetBkColor
CreateSolidBrush

shell32

ShellExecuteA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

ole32

CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysStringLen
VariantClear

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0f25918af5ca6cf78e6146e79062277

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

ole32

oleaut32

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 3KB