fa51dfbfce94e6ffef65b488a2e4baac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa51dfbfce94e6ffef65b488a2e4baac_JaffaCakes118
Size

554KB
MD5

fa51dfbfce94e6ffef65b488a2e4baac
SHA1

9fa3a62b0c50eb4636596a6583850b26644d79d7
SHA256

841b4fe75db269cfcab4d1ca6402a149ecab68c448859834e51eabe7da00ba19
SHA512

2bb113e13fba58df66ea5fc9a8dba7537c3b79e92495baec63488e9eb4442d61d8e487d490da2705c9e03ee03f5fc5c92c66587e4f3ddfa7bdf7a5021a724afb
SSDEEP

12288:8X5notD2QkHWkjfMkLQMoRW/s1AK0GifEfp:8ZyD2WAMhMt4ifa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa51dfbfce94e6ffef65b488a2e4baac_JaffaCakes118

Files

fa51dfbfce94e6ffef65b488a2e4baac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46848ff5de0d9e9416a64c249598a6b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\aslre\

Imports

user32

LoadImageW
RegisterClassExA
SendIMEMessageExW
DispatchMessageA
DialogBoxParamW
GetUpdateRgn
RegisterHotKey
CharToOemBuffW
LoadBitmapW
LoadAcceleratorsA
ShowWindow
LoadCursorFromFileA
DdeAddData
MessageBoxA
IntersectRect
DefWindowProcW
RegisterClassW
ChangeDisplaySettingsExW
SetClassLongA
RegisterClassA
DestroyWindow
CreateWindowExW
IsDialogMessage
SetActiveWindow
GetCaretBlinkTime

advapi32

CryptSetProvParam
ReportEventA
CryptSetHashParam
ReportEventW
RegSaveKeyW
CryptCreateHash
RegRestoreKeyA
RegConnectRegistryA
RegQueryMultipleValuesW
CryptSignHashW
CryptGenRandom
CryptExportKey
CryptEnumProvidersW
CreateServiceW
RegDeleteValueA
LookupAccountNameA
RevertToSelf
RegQueryInfoKeyA
RegOpenKeyW
LookupSecurityDescriptorPartsW
CryptGetHashParam
RegQueryValueExW
AbortSystemShutdownA
RegEnumKeyExA
CryptGenKey

gdi32

GetGlyphOutlineA
DeleteEnhMetaFile
CreateSolidBrush
Polyline
StretchDIBits
TextOutA
CreateColorSpaceA
PolyBezier
RemoveFontResourceW
GetObjectType
GetMetaFileA
CopyMetaFileW
EnumMetaFile

wininet

InternetTimeFromSystemTime
InternetShowSecurityInfoByURLA
InternetTimeToSystemTime

kernel32

TlsFree
CreateFileA
IsDebuggerPresent
SetHandleCount
GetCommandLineA
HeapReAlloc
SetFilePointer
GetConsoleOutputCP
GetTimeZoneInformation
SetConsoleCtrlHandler
IsValidCodePage
GetUserDefaultLCID
TerminateProcess
WriteConsoleA
Sleep
InterlockedDecrement
GetModuleHandleW
SetLastError
RtlUnwind
GetLastError
GetStringTypeA
GetModuleFileNameA
GlobalFindAtomA
GetCurrentThread
GetModuleHandleA
GetCurrentProcess
InterlockedIncrement
VirtualAlloc
InterlockedExchange
DeleteCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
TlsAlloc
HeapFree
WriteConsoleW
GetTimeFormatA
GetConsoleCP
GetStartupInfoA
WriteFile
SetStdHandle
GetFileType
LoadLibraryA
GetOEMCP
EnumSystemLocalesA
GetLocaleInfoW
HeapCreate
SetThreadContext
FreeEnvironmentStringsA
GetTickCount
FlushFileBuffers
GetSystemTimeAsFileTime
ExitProcess
GetCurrentThreadId
HeapAlloc
LCMapStringA
GetEnvironmentStrings
UnhandledExceptionFilter
SetEnvironmentVariableA
SetCriticalSectionSpinCount
GetCPInfo
OpenMutexA
GetStringTypeW
TlsSetValue
GetLocaleInfoA
GetACP
LCMapStringW
GetConsoleTitleA
VirtualQuery
GetProcAddress
CloseHandle
FindFirstFileExA
CompareStringW
IsValidLocale
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
HeapDestroy
FlushConsoleInputBuffer
TlsGetValue
FreeLibrary
ReadFile
LeaveCriticalSection
GetDateFormatA
VirtualFree
WideCharToMultiByte
GetStdHandle
CompareStringA
LoadResource
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
CreateMutexA
MultiByteToWideChar

shell32

SHFreeNameMappings
SHQueryRecycleBinW
FindExecutableW
DragQueryPoint
ShellExecuteExA

comctl32

CreateToolbar
ImageList_SetBkColor
InitCommonControlsEx
DrawStatusText
ImageList_DrawEx
ImageList_LoadImageA
ImageList_DrawIndirect

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46848ff5de0d9e9416a64c249598a6b0

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

gdi32

wininet

kernel32

shell32

comctl32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 256KB - Virtual size: 256KB

.data Size: 113KB - Virtual size: 141KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 256KB - Virtual size: 256KB

.data
Size: 113KB - Virtual size: 141KB

.rsrc
Size: 15KB - Virtual size: 15KB