fa8e8454f8286a66bcfc42509838cb20_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa8e8454f8286a66bcfc42509838cb20_JaffaCakes118
Size

190KB
MD5

fa8e8454f8286a66bcfc42509838cb20
SHA1

6a21c86e729623da7efcf2d0ba6ed316903e04ed
SHA256

d26af9d7d3002638d93235a68328d47267127c49befd85b05876a5ee0eb8aa88
SHA512

855cefdfd4464ed91dd70a137be065c01545eb9192c1c4bfba6586fad792cd2eabe37644f45fbdd79712b5bcf8780731e2549e3ecc7c0368edff2845389ea97f
SSDEEP

3072:n2eK706GFcVZDP4VHVW4ILINvXT2fxcH8r7S1DYht2mx7LNLztdsTY0TF9:2nnGFcVZb0HQ4Lb8xq8rmqYmx9LziX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa8e8454f8286a66bcfc42509838cb20_JaffaCakes118

Files

fa8e8454f8286a66bcfc42509838cb20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96120c585bb955569fe9042dd3c98ace

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
EnumResourceLanguagesW
LoadLibraryW
FindNextFileW
GetFileAttributesW
MultiByteToWideChar
CreateFileW
ReadFile
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetCurrentProcessId
MoveFileW
GetThreadContext
CreateDirectoryW
WriteFile
WideCharToMultiByte
InterlockedDecrement
GetModuleFileNameW
EnumResourceNamesA
lstrcpyW
GetLocaleInfoW
FindFirstFileW
ConvertDefaultLocale
SetFilePointer
ExitProcess
SystemTimeToFileTime
SetFileTime
GetVersion
DeleteFileW
GetSystemDefaultLangID
FindClose
RemoveDirectoryW
GetProcAddress

user32

GetNextDlgGroupItem
IsRectEmpty
InvalidateRgn
GetClassInfoExW
InvalidateRect
GetNextDlgTabItem
RemovePropW
CharNextW
SetRect
CopyAcceleratorTableW
CreateWindowExW
MessageBeep
RegisterWindowMessageW
CharUpperW
GetClassLongW
WinHelpW
GetPropW
SendDlgItemMessageA
SetPropW
DestroyMenu

ole32

CreateILockBytesOnHGlobal
OleUninitialize
OleFlushClipboard
OleInitialize
CoRevokeClassObject
CoFreeUnusedLibraries
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoGetClassObject
CoUninitialize
OleIsCurrentClipboard
CoTaskMemFree
CLSIDFromString

gdi32

SetWindowExtEx
ExtTextOutW
PtVisible
GetStockObject
GetBkColor
GetDeviceCaps
ScaleWindowExtEx
SelectObject
OffsetViewportOrgEx
RectVisible
Escape
ExtSelectClipRgn
ScaleViewportExtEx
SetViewportOrgEx
TextOutW
GetMapMode
GetTextColor
DeleteDC
GetRgnBox

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
PathFileExistsW
PathStripToRootW
PathIsUNCW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96120c585bb955569fe9042dd3c98ace

Headers

File Characteristics

Imports

kernel32

user32

ole32

gdi32

shlwapi

shell32

oleacc

advapi32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 79KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 79KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 116KB