faa18c5fd50c86b6129d97907a865ace_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

faa18c5fd50c86b6129d97907a865ace_JaffaCakes118
Size

380KB
MD5

faa18c5fd50c86b6129d97907a865ace
SHA1

3efb6650c53a5ec79d925bbf4ab482663b7ccdac
SHA256

79d2017649e4eb9a590b37ddc947aa14aa289048a73224a9492d33a120d03c7b
SHA512

c4f6ca6c55075d077b7ea4c3c980dab733274c792aa1b4c6c31db87834e3ae80bb402ceab9a8b7bb1b590db22dc5ab6794d719595c18d7e0848f21ecbdad8269
SSDEEP

6144:T8lE+OSu9Jmby77SWMgwEoiYIcCYatLk28dIKNjgK/ir2o0aCCxeiZ:q7eKyCWM62Ic/48LuKtkCCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa18c5fd50c86b6129d97907a865ace_JaffaCakes118

Files

faa18c5fd50c86b6129d97907a865ace_JaffaCakes118
.exe windows:4 windows x86 arch:x86

897c3d915e8769d54469201c283b1865

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\rpsosv\nib\sbjye\stfokip\gcureaowh.pdb

Imports

user32

TranslateAcceleratorA
CharPrevExA
PostThreadMessageW
GetWindowDC
LookupIconIdFromDirectory
GetLastActivePopup
IsZoomed
LoadCursorFromFileW
PtInRect
UnionRect
ModifyMenuW
SetWindowTextA
AppendMenuA
EnumDisplaySettingsA
CharNextW
EnumDesktopsW
SendInput
RegisterClipboardFormatA
GetWindowRect
GetNextDlgTabItem
MessageBoxA
SetClassWord
TranslateAccelerator
GetClassLongW
DdeQueryConvInfo
ChangeClipboardChain
LoadAcceleratorsW
PostMessageW
DestroyCaret
CascadeChildWindows
ValidateRgn
GetMenuInfo
DestroyCursor
GetInputDesktop
GetWindowLongW
DdeImpersonateClient
SetSystemCursor
LoadAcceleratorsA
CreateIconIndirect
LoadCursorW
FillRect
EnableScrollBar
OpenDesktopW
GetThreadDesktop
TranslateMDISysAccel
CreateCursor
DlgDirListComboBoxA
SetKeyboardState
GetFocus
GetNextDlgGroupItem
GetActiveWindow
LoadIconW
ReleaseDC
RegisterClassA
DdeDisconnect
UnloadKeyboardLayout
ToAscii
RegisterClassExA
EnumDisplaySettingsExW
ClipCursor
CallWindowProcW
ToAsciiEx
ActivateKeyboardLayout
CreateIconFromResource
CreateIcon

comctl32

ImageList_GetIconSize
InitCommonControlsEx
ImageList_GetBkColor
ImageList_LoadImage
ImageList_DrawEx
DrawStatusText
ImageList_LoadImageA
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_Read
InitMUILanguage
ImageList_Destroy

kernel32

SetSystemTime
VirtualQuery
IsDebuggerPresent
FlushFileBuffers
FreeLibrary
ReadConsoleOutputA
HeapReAlloc
VirtualAllocEx
WaitForDebugEvent
LocalHandle
FreeEnvironmentStringsW
GetTickCount
GetStartupInfoA
GetThreadLocale
SetComputerNameW
GetSystemInfo
EnumSystemCodePagesA
AddAtomA
InterlockedIncrement
GetFileSize
CreateFileA
HeapFree
GetPriorityClass
GetTimeZoneInformation
LCMapStringA
GetSystemTimeAsFileTime
LeaveCriticalSection
GetDateFormatW
EnumCalendarInfoA
TlsAlloc
Sleep
SetUnhandledExceptionFilter
VirtualAlloc
GetOEMCP
HeapDestroy
InterlockedDecrement
SetFilePointer
GetModuleHandleA
GetConsoleOutputCP
GetEnvironmentStrings
OpenMutexA
GetStringTypeW
CreateDirectoryExA
DosDateTimeToFileTime
GetVersionExA
CreateThread
EnumDateFormatsW
EnumSystemLocalesA
GetLastError
IsValidLocale
GetThreadTimes
InterlockedExchange
RtlUnwind
GetPrivateProfileIntA
WriteFile
GetFileType
SetConsoleCtrlHandler
SetLocaleInfoA
HeapValidate
GetCompressedFileSizeW
GlobalUnfix
GetSystemDirectoryW
TlsGetValue
QueryPerformanceCounter
lstrcmpiW
GetLocaleInfoW
SetHandleCount
WriteConsoleA
GetProcAddress
GetWindowsDirectoryA
EnumDateFormatsExW
WriteConsoleOutputW
GetACP
TerminateProcess
LocalCompact
FreeResource
WritePrivateProfileStructA
SetPriorityClass
MultiByteToWideChar
GetLogicalDriveStringsW
GetCurrentDirectoryA
DeleteCriticalSection
EnumResourceNamesA
GetCommandLineW
CreateToolhelp32Snapshot
FoldStringW
CompareStringA
FlushInstructionCache
CreateMutexA
GetProfileSectionW
GetCPInfo
GetConsoleMode
SetVolumeLabelW
ReadFile
UnhandledExceptionFilter
GetConsoleCP
GetEnvironmentStringsW
IsValidCodePage
LCMapStringW
GetThreadSelectorEntry
lstrcmp
WritePrivateProfileStringA
GetLocaleInfoA
GetStdHandle
GetCurrentProcessId
EnumSystemCodePagesW
GetLongPathNameA
InitializeCriticalSection
HeapAlloc
LocalReAlloc
HeapSize
TlsSetValue
SetLastError
SetStdHandle
TlsFree
GetCurrentThreadId
CompareStringW
SetThreadIdealProcessor
GetUserDefaultLCID
GetCurrencyFormatA
VirtualFree
GetDiskFreeSpaceA
GetTimeFormatA
CloseHandle
GetCurrentThread
GetCurrentProcess
ExitProcess
GetDateFormatA
ExpandEnvironmentStringsW
LoadLibraryA
WriteConsoleW
FreeEnvironmentStringsA
EnterCriticalSection
GetTempPathA
OpenSemaphoreA
WideCharToMultiByte
LocalSize
GetCalendarInfoW
ResetEvent
LoadModule
OpenSemaphoreW
SetEnvironmentVariableA
GetModuleFileNameA
CreateProcessW
GetProcessHeap
GetStringTypeA
HeapCreate
FindResourceExW
GetCommandLineA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

897c3d915e8769d54469201c283b1865

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 104KB - Virtual size: 122KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 104KB - Virtual size: 122KB

.rsrc
Size: 16KB - Virtual size: 14KB