fa44c7aeed02f469852dfa4f4d79209d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa44c7aeed02f469852dfa4f4d79209d_JaffaCakes118
Size

465KB
MD5

fa44c7aeed02f469852dfa4f4d79209d
SHA1

0525c129f0e8f317547eea1b1f91e243ac06f8d0
SHA256

06793006806e57210741d6c69650e406e001d9bc7d509492930d7c865591ff56
SHA512

26fe4e150fb422a574f897e277535977236a0bf47729a1f66e27c67890319bd524bd017d1ff23005c2f37d98f1eaab539b768e1b8697ffb141fce14f175502a2
SSDEEP

12288:zO+KaxO8XCykZzB8uxysnR4twWC2W/4TET3fK4xEhV:zBhxOHykZzB8ayUCkcELC4xEhV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa44c7aeed02f469852dfa4f4d79209d_JaffaCakes118

Files

fa44c7aeed02f469852dfa4f4d79209d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adfc576165dad1acde7f9ae9a54dc40b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_DragLeave
DrawStatusTextA
DrawInsert
ImageList_Duplicate

shell32

SHInvokePrinterCommandA
ExtractAssociatedIconA
SHGetSpecialFolderPathW

kernel32

CreateMutexA
InitializeCriticalSection
GetCommandLineW
EnumSystemLocalesA
HeapAlloc
InterlockedExchange
GetFileType
IsValidLocale
HeapCreate
VirtualQuery
GetLocaleInfoW
EnterCriticalSection
GetEnvironmentStringsW
VirtualAlloc
GetSystemInfo
TlsGetValue
GetCurrentThreadId
FindFirstFileW
GetTimeZoneInformation
FindAtomA
GetModuleFileNameA
ExitProcess
GetModuleFileNameW
GetStdHandle
OpenSemaphoreA
GetStringTypeW
ReadFile
AddAtomA
GetPriorityClass
GetProcAddress
SetEnvironmentVariableA
GetStartupInfoW
WideCharToMultiByte
RtlUnwind
GetCPInfo
GetThreadContext
GetLastError
DeleteCriticalSection
VirtualFree
GetVersionExA
SetFilePointer
CreateToolhelp32Snapshot
GetStringTypeA
GetDateFormatA
InterlockedIncrement
LCMapStringA
CompareStringA
GetCurrentProcess
LoadLibraryA
HeapReAlloc
TerminateProcess
OpenMutexA
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
HeapSize
GetTickCount
MultiByteToWideChar
LocalAlloc
GetOEMCP
TlsFree
GetCurrentThread
LeaveCriticalSection
GetTimeFormatA
IsBadWritePtr
FreeEnvironmentStringsW
SetStdHandle
GetCurrentProcessId
FlushFileBuffers
GetCommandLineA
GetACP
QueryPerformanceCounter
SetConsoleMode
IsValidCodePage
LCMapStringW
HeapDestroy
InterlockedDecrement
UnhandledExceptionFilter
HeapFree
SetHandleCount
VirtualProtect
CompareStringW
FreeEnvironmentStringsA
TlsSetValue
CloseHandle
SetLastError
GetUserDefaultLCID
TlsAlloc
GetLocaleInfoA
WriteFile
GetEnvironmentStrings

user32

GetSystemMenu
CheckMenuRadioItem
EndDeferWindowPos
CloseDesktop
RegisterClassExA
CharToOemA
GetIconInfo
SetWindowTextA
MessageBoxW
ShowWindow
CharNextExA
SendNotifyMessageA
CreateWindowExA
EnumDisplaySettingsA
RegisterClassA
ImpersonateDdeClientWindow

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adfc576165dad1acde7f9ae9a54dc40b

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

user32

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 43KB - Virtual size: 66KB

.data Size: 102KB - Virtual size: 101KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 43KB - Virtual size: 66KB

.data
Size: 102KB - Virtual size: 101KB

.rsrc
Size: 13KB - Virtual size: 12KB