fa999f1df5d52fc69eb58584d7175055_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa999f1df5d52fc69eb58584d7175055_JaffaCakes118
Size

421KB
MD5

fa999f1df5d52fc69eb58584d7175055
SHA1

fd6fcd909db01a0b4dab742b62025a8a9d9a5e7e
SHA256

8464838d7274f3f5c7eca9af7c3103b4eb3047604e8b0622d8d622bd31f8c68b
SHA512

9837151ed42987a1cf7cd73a6ad7bc0cea8e14523610a70131bf9f0a1b01724c107f2e2f7a3353b172a25f4fdae9bc880ce16e08b429769c175f90dadf90ac28
SSDEEP

6144:7P7z+bgiudYglFO1SwoDTJQ48cZWOXwuBLCe9xkTcNFNGE5tBRUQi47H1U3SB2Sh:D/+vfIBJPzBXecNrGE532c7HhBZ93b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa999f1df5d52fc69eb58584d7175055_JaffaCakes118

Files

fa999f1df5d52fc69eb58584d7175055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9e4c3af67d1088051ae1d9e43c28f8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconEx
ExtractAssociatedIconExA
ShellAboutA
SHGetDiskFreeSpaceA
SheSetCurDrive
SheChangeDirA
DuplicateIcon
SHBrowseForFolderA
RealShellExecuteExA
FreeIconList
SHLoadInProc
SHBrowseForFolderW
SHInvokePrinterCommandW
SHGetPathFromIDListA
ExtractIconW
ShellExecuteA
ShellAboutW
SHQueryRecycleBinA
RealShellExecuteW
ShellExecuteExW

wininet

FtpDeleteFileW
FtpRemoveDirectoryW
FtpCreateDirectoryW
InternetGetConnectedStateEx
InternetCreateUrlW
FindNextUrlCacheEntryW
InternetSetOptionExW
HttpEndRequestA
CommitUrlCacheEntryW
ReadUrlCacheEntryStream
FtpPutFileA
ShowCertificate
FindNextUrlCacheGroup
InternetOpenA
InternetTimeFromSystemTimeW

user32

MsgWaitForMultipleObjectsEx
ClipCursor
ClientToScreen
GetClassNameA
CloseWindow
IntersectRect
DialogBoxIndirectParamW
GetDesktopWindow

advapi32

RegReplaceKeyA
CryptEnumProvidersA

kernel32

UnhandledExceptionFilter
GetStringTypeA
VirtualLock
VirtualAlloc
GetStartupInfoA
LCMapStringA
TlsAlloc
WriteConsoleInputW
InterlockedExchange
GetLastError
MultiByteToWideChar
GetOEMCP
LoadModule
GetModuleHandleA
HeapLock
VirtualQuery
LeaveCriticalSection
ExitProcess
GetProcAddress
DeleteCriticalSection
IsBadWritePtr
CreateToolhelp32Snapshot
GetProcessAffinityMask
HeapReAlloc
WriteFile
SetHandleCount
VirtualProtect
FreeEnvironmentStringsA
GlobalAddAtomW
HeapFree
GetSystemTimeAsFileTime
GlobalHandle
OpenWaitableTimerW
TlsGetValue
GetCommandLineA
SetLastError
TlsSetValue
CreateEventA
GetFileType
TlsFree
GetVolumeInformationA
HeapValidate
GetCurrentThread
GetConsoleMode
VirtualFree
GetModuleFileNameA
GetEnvironmentStrings
GetVersion
WideCharToMultiByte
HeapCreate
GetCurrentProcessId
GetStringTypeW
LoadLibraryA
WriteConsoleOutputW
PulseEvent
GetTickCount
QueryPerformanceCounter
LCMapStringW
GlobalCompact
TerminateProcess
SetSystemTime
GetACP
EnterCriticalSection
GetEnvironmentStringsA
GetCurrentThreadId
HeapDestroy
GetDriveTypeW
GetCurrentProcess
InitializeCriticalSection
RtlUnwind
GetCPInfo
HeapAlloc
LocalFileTimeToFileTime
RtlFillMemory
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStdHandle

comdlg32

LoadAlterBitmap
ChooseFontA
GetFileTitleA
PageSetupDlgA
FindTextW
GetSaveFileNameA
GetFileTitleW
FindTextA
ChooseColorW
ReplaceTextA
PrintDlgA
GetOpenFileNameW
ChooseColorA
PrintDlgW
ReplaceTextW
GetOpenFileNameA
GetSaveFileNameW
PageSetupDlgW

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9e4c3af67d1088051ae1d9e43c28f8d

Headers

File Characteristics

Imports

shell32

wininet

user32

advapi32

kernel32

comdlg32

Sections

.text Size: 147KB - Virtual size: 147KB

.data Size: 269KB - Virtual size: 268KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 147KB - Virtual size: 147KB

.data
Size: 269KB - Virtual size: 268KB

.rsrc
Size: 3KB - Virtual size: 3KB