fa5f4eda359f904e0c5987896d23e314_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa5f4eda359f904e0c5987896d23e314_JaffaCakes118
Size

530KB
MD5

fa5f4eda359f904e0c5987896d23e314
SHA1

2b1c21992f5550ed9424d252a66882b7746e34f2
SHA256

8ca9a39245d37ba470a145f2e65c9674d6f740b232c02aa03d578337c5b6b714
SHA512

f11c7b3bbbc739e59d5f30c305716ee7476414d8f1017ff13108731470931b1864bc9bb3c360fc1f9455ae3532ab213d89268dabb0c23cd500826e09ee017a59
SSDEEP

12288:wo1a/XmvKFiYpbRttJFbxxwRip+/M93QYe+fa:w2a/yKFiE3FNqRizQYe+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa5f4eda359f904e0c5987896d23e314_JaffaCakes118

Files

fa5f4eda359f904e0c5987896d23e314_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81504b5fe0f609923ce18a41769d1b59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ejozet.PDB

Imports

comctl32

InitCommonControlsEx

wininet

InternetGetCookieW
InternetCheckConnectionA
InternetGetConnectedState

gdi32

SetGraphicsMode
EndPath
GetBkMode
CreatePen

user32

CharPrevA
GetWindowDC
SetDlgItemTextA
RegisterClassExA
FreeDDElParam
SetMessageExtraInfo
RegisterClassA
GrayStringA

comdlg32

ChooseColorW

kernel32

GetStringTypeW
GetACP
OpenMutexA
LoadLibraryA
FreeEnvironmentStringsA
IsValidLocale
GetFileType
ReadFile
LCMapStringW
MapViewOfFileEx
GetConsoleOutputCP
GetStartupInfoW
InterlockedExchange
InterlockedIncrement
GetVersionExA
GetTimeFormatA
HeapReAlloc
FreeEnvironmentStringsW
HeapDestroy
GetStdHandle
HeapSize
SetLastError
FlushFileBuffers
GetStartupInfoA
GetModuleFileNameW
HeapFree
MultiByteToWideChar
QueryPerformanceCounter
CloseHandle
TlsAlloc
VirtualAlloc
VirtualProtectEx
WriteConsoleA
SetEnvironmentVariableA
WriteConsoleW
GetProcessHeap
LCMapStringA
GetTimeZoneInformation
GetModuleHandleA
GetCalendarInfoA
CreateFileA
GetDateFormatA
GetStringTypeA
GetCommandLineA
GetModuleFileNameA
ExitProcess
SetHandleCount
SetConsoleCtrlHandler
GetEnvironmentStringsW
DeleteCriticalSection
GetConsoleMode
GetUserDefaultLCID
EnumSystemLocalesA
CompareStringW
GlobalFree
EnterCriticalSection
TlsGetValue
GetEnvironmentStrings
GetSystemTimeAsFileTime
RtlUnwind
GetCurrentThread
GetConsoleCP
GetLocaleInfoW
GetCPInfo
SetStdHandle
GetCurrentProcess
UnhandledExceptionFilter
EnumSystemCodePagesW
CompareStringA
WideCharToMultiByte
TerminateProcess
GetCurrentProcessId
FreeLibrary
GetCurrentThreadId
CreateMutexA
TlsFree
SetFilePointer
GetProcAddress
InitializeCriticalSection
TlsSetValue
WriteFile
GetNamedPipeInfo
HeapAlloc
GetLocaleInfoA
IsValidCodePage
VirtualFree
SetVolumeLabelA
WriteProfileStringW
GetOEMCP
SetUnhandledExceptionFilter
LeaveCriticalSection
InterlockedDecrement
HeapCreate
VirtualQuery
IsDebuggerPresent
Sleep
GetLastError
GetTickCount
GetCommandLineW
GlobalFindAtomW

advapi32

InitiateSystemShutdownW
DuplicateTokenEx
StartServiceW
CryptSetProviderW
RegLoadKeyW
StartServiceA
RegRestoreKeyW
LookupAccountNameA
LookupPrivilegeValueW
AbortSystemShutdownA
CreateServiceA
LookupSecurityDescriptorPartsW
RegNotifyChangeKeyValue
ReportEventW
CryptAcquireContextW

Sections

.text
Size: 353KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81504b5fe0f609923ce18a41769d1b59

Headers

File Characteristics

PDB Paths

Imports

comctl32

wininet

gdi32

user32

comdlg32

kernel32

advapi32

Sections

.text Size: 353KB - Virtual size: 353KB

.rdata Size: 55KB - Virtual size: 75KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 353KB - Virtual size: 353KB

.rdata
Size: 55KB - Virtual size: 75KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 14KB - Virtual size: 13KB