fa6fe376ce1d72f29296c38c9477b929_JaffaCakes118

General

Target

fa6fe376ce1d72f29296c38c9477b929_JaffaCakes118
Size

52KB
MD5

fa6fe376ce1d72f29296c38c9477b929
SHA1

5dcc881ed3c79abbae580df849864bd01db1dc81
SHA256

3a2873d43306c505d645fc405d63c02caa4104de61cabe3e20f26bbe9e355424
SHA512

8c9ba0b153edaf2684fff87f1b8351c9e1bd931885ab12f3d1f3ee1ef7db73d3272460347b7b6bf7af588a01da59fb8d4ac2d5d43d2b0d49266a13613eaab5e1
SSDEEP

1536:TVAJKs0mfD9eLN6pJyRc9HMGnF3lKFyFxW:TVjuDEL0pSc9sGnF3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa6fe376ce1d72f29296c38c9477b929_JaffaCakes118

Files

fa6fe376ce1d72f29296c38c9477b929_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ac16d847cfc09f8020ef50f1d20c9da8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
CreateProcessW
HeapFree
FindNextFileW
GetModuleHandleA
HeapAlloc
lstrcatA
lstrcmpiA
lstrlenW
DeleteFileW
GlobalUnlock
SetFileTime
EnterCriticalSection
CopyFileW
LeaveCriticalSection
SetLastError
OpenProcess
GetDriveTypeW
FindClose
InitializeCriticalSection
GetCurrentProcessId
lstrcpyW
lstrlenA
GetFileTime
SetEndOfFile
GetSystemTimeAsFileTime
GetUserDefaultUILanguage
FlushFileBuffers
lstrcpyA
HeapReAlloc
UnmapViewOfFile
MultiByteToWideChar
CreateFileMappingW
CreateFileW
WriteFile
GetProcessHeap
CreateDirectoryW
CloseHandle
GetLocalTime
GetModuleFileNameA
GetFileSize
GetTickCount
lstrcatW
GetProcessTimes
MapViewOfFile
GetComputerNameW
DisconnectNamedPipe
OpenMutexW
GetExitCodeProcess
lstrcmpiW
FindFirstFileW
GetLastError
CreateThread
IsBadReadPtr
GetThreadPriority
GetTempPathW
GetFileSizeEx
GetCurrentThreadId
GetCommandLineA
WriteProcessMemory
GetVersionExW
SetFileAttributesW
Sleep
SetEvent
SetThreadPriority
FindResourceW
CreateEventW
GetSystemTime
GetLogicalDrives
CreateMutexW
ResetEvent
SystemTimeToFileTime
GlobalLock
ReleaseMutex
GetTimeZoneInformation
GetTempFileNameW
MoveFileExW
WideCharToMultiByte
GetModuleFileNameW
ReadFile
WaitForSingleObject
ExpandEnvironmentStringsW
lstrcpynW

user32

CloseDesktop
GetWindowThreadProcessId
DispatchMessageW
SetProcessWindowStation
CloseWindowStation
MsgWaitForMultipleObjects
GetDlgItemTextW
SendMessageW

Sections

.kfmx
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xgxcd
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vepaf
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hurmf
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac16d847cfc09f8020ef50f1d20c9da8

Headers

File Characteristics

Imports

kernel32

user32

Sections

.kfmx Size: 19KB - Virtual size: 40KB

.xgxcd Size: 5KB - Virtual size: 10KB

.vepaf Size: 1024B - Virtual size: 1KB

.hurmf Size: 26KB - Virtual size: 132KB

.kfmx
Size: 19KB - Virtual size: 40KB

.xgxcd
Size: 5KB - Virtual size: 10KB

.vepaf
Size: 1024B - Virtual size: 1KB

.hurmf
Size: 26KB - Virtual size: 132KB