faace938224be13f0e4a61353086b21c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

faace938224be13f0e4a61353086b21c_JaffaCakes118
Size

370KB
MD5

faace938224be13f0e4a61353086b21c
SHA1

0a8772ea8cd1cb7604ce15fd08ec307873786e07
SHA256

242335f7306a747874d99734e86f4cbf9b90cd6af0ff6ad4cdc1c6d1716d89a9
SHA512

69d1a5d0b43bf6d965f436e5f170f01102a51f52ac888d503bb5d88e40c8b7aaa5df75816842e4df7f892dea82d5bc2b4a6c46a00c8721258a01f9fc1d95ce48
SSDEEP

3072:kokoKsZKjcpvQH/SB7LWlkrfNvAX3d5/ezbIl82xVWUdvUy9LkCjiV:koBKsZiCiyWlyNoX3HwE8HNydji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faace938224be13f0e4a61353086b21c_JaffaCakes118

Files

faace938224be13f0e4a61353086b21c_JaffaCakes118
.exe windows:4 windows x64 arch:x64

a2bc30f91bb38427f0595b7bfb81bfb8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrlenW
GetLastError
lstrlenA
IsDBCSLeadByte
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrcpynA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
CloseHandle
WaitForSingleObject
CreateEventA
CreateThread
Sleep
WaitForMultipleObjects
WideCharToMultiByte
GetCurrentThreadId
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetConsoleCtrlHandler
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
MultiByteToWideChar
__C_specific_handler
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetVersionExA
CompareFileTime
OutputDebugStringA
lstrcpyA
CreateMutexA
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
SetStdHandle
IsBadCodePtr
GetCPInfo
GetOEMCP
GetACP
SetFilePointer
GetFileType
ExitProcess
HeapReAlloc
HeapDestroy
HeapCreate
HeapSetInformation
EnterCriticalSection
FatalAppExitA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LocalFree
RtlUnwindEx
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetStdHandle
WriteFile
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
LeaveCriticalSection
SetHandleCount

user32

EnumDisplaySettingsA
CharNextA
PostThreadMessageA
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
PostMessageA
SendNotifyMessageA
FindWindowA
CharPrevA
RegisterClassA
CreateWindowExA
DispatchMessageA
GetMessageA
SetTimer
PostQuitMessage
RegisterWindowMessageA
DefWindowProcA
KillTimer

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

ole32

CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoSuspendClassObjects
CoUninitialize
CoInitialize

oleaut32

SysStringLen
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
GetErrorInfo
VariantClear
VariantChangeType
VariantInit
SetErrorInfo
CreateErrorInfo

Sections

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a2bc30f91bb38427f0595b7bfb81bfb8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 213KB - Virtual size: 213KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 7KB - Virtual size: 17KB

.pdata Size: 12KB - Virtual size: 11KB

.idata Size: 7KB - Virtual size: 6KB

�� Size: 28KB - Virtual size: 28KB

.text
Size: 213KB - Virtual size: 213KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 7KB - Virtual size: 17KB

.pdata
Size: 12KB - Virtual size: 11KB

.idata
Size: 7KB - Virtual size: 6KB

��
Size: 28KB - Virtual size: 28KB