fa2d9ac926390d801699659562d8f43c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa2d9ac926390d801699659562d8f43c_JaffaCakes118
Size

2.4MB
MD5

fa2d9ac926390d801699659562d8f43c
SHA1

58ceb5fd4bfbb7257bc5181022baf5479fe1e432
SHA256

7a49d26dc762d1d4d7ec530e3a29174175b423cba17e4845c36a1396e1ae1e25
SHA512

eb4c1b7eb1d7d80732d9f87640cde34442a4f62099c75021b8ea111c98fce514d7836c435eaeebf79a5dce35c595dd7c752992eb273177c5fde768d46a3a4c25
SSDEEP

24576:8v3jyqfUM49y0DLSnVB2KciDzsEVhp5zDywTt6PJO1Wn4VLn7XO:oz4zDLS/2KzDb5T6PBwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa2d9ac926390d801699659562d8f43c_JaffaCakes118

Files

fa2d9ac926390d801699659562d8f43c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75485d293d637d9e5057acd1795793e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollRange
GetMessageExtraInfo
DdeCmpStringHandles
IsDialogMessageW
LoadCursorFromFileW
GetParent
InvertRect
FrameRect
GetSysColorBrush
GetCursor
AdjustWindowRectEx
GetKeyboardLayoutList
InvalidateRect
GetUpdateRect
GetWindowDC
GetDC
MenuItemFromPoint
DeleteMenu
GetMenuItemID
DestroyMenu
AnyPopup
ShowOwnedPopups

kernel32

SetHandleCount
GetFileTime
SetFileShortNameW
CloseHandle
GetSystemTime
FileTimeToLocalFileTime
TlsFree
WaitForSingleObject
LoadLibraryW
GetModuleFileNameW
FindResourceExW
CompareStringW
GetLocaleInfoW
GetThreadLocale
ReleaseSemaphore
DeleteCriticalSection
CreateFiberEx
GetEnvironmentStringsW
VirtualAlloc
RtlUnwind
HeapFree
LoadLibraryExW
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
CreateFileW
SetFilePointerEx
WriteConsoleW
CreateEventW
LeaveCriticalSection
EnterCriticalSection
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

crypt32

CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertGetCertificateChain
CryptProtectData
CertGetNameStringW
CertFindExtension
CertGetPublicKeyLength
CertGetEnhancedKeyUsage
CertControlStore
CertAddStoreToCollection
CertFreeCTLContext
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertFreeCertificateContext
CertCreateCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptMsgUpdate
CryptMsgOpenToDecode
CryptFindOIDInfo
CryptDecodeObject
CryptEncodeObject
CryptBinaryToStringW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW

winspool.drv

EnumPrintersW

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 498KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.30359a
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.5e6nt
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fda5e
Size: 489KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7al2ne
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75485d293d637d9e5057acd1795793e7

Headers

File Characteristics

Imports

user32

kernel32

crypt32

advapi32

winspool.drv

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 498KB - Virtual size: 7.6MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.30359a Size: 676KB - Virtual size: 675KB

.5e6nt Size: 139KB - Virtual size: 138KB

.fda5e Size: 489KB - Virtual size: 488KB

.7al2ne Size: 182KB - Virtual size: 182KB

.rsrc Size: 365KB - Virtual size: 364KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 498KB - Virtual size: 7.6MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.30359a
Size: 676KB - Virtual size: 675KB

.5e6nt
Size: 139KB - Virtual size: 138KB

.fda5e
Size: 489KB - Virtual size: 488KB

.7al2ne
Size: 182KB - Virtual size: 182KB

.rsrc
Size: 365KB - Virtual size: 364KB