fabbd880e79a20f31d15e570415cb2e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fabbd880e79a20f31d15e570415cb2e8_JaffaCakes118
Size

128KB
MD5

fabbd880e79a20f31d15e570415cb2e8
SHA1

9d435a0d427882191bc38186b76230b319aebc17
SHA256

6e889a22bfa1c7f0a9babb5a2518934cbdaa6e553ccd9c5d6cdef5c4d2086264
SHA512

8e35ab42e90b6d5a80b92a56e33112b6f8651d5bd006c053f2a4dd77c7539e0e0f32631a74eead8f41bf684f6d891d7b2191bed7c530facbf3dd80ea2a40c246
SSDEEP

3072:mhbBKhFRwPX6lenUzfCAXZsXbt4KR50gd:mhbBKTuPqenUDCAXZsLt4KR2K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fabbd880e79a20f31d15e570415cb2e8_JaffaCakes118

Files

fabbd880e79a20f31d15e570415cb2e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5899854af4149db297f7ae74c5669491

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CmdBatNotification
CompareStringA
ContinueDebugEvent
ConvertDefaultLocale
CreateConsoleScreenBuffer
CreateEventA
CreateEventW
CreateFiber
CreateFileMappingA
CreateNamedPipeA
DuplicateConsoleHandle
EndUpdateResourceW
EnumDateFormatsW
EnumResourceLanguagesW
EnumTimeFormatsW
ExitProcess
FindClose
FindNextChangeNotification
FindResourceA
FoldStringW
GetCommandLineW
GetComputerNameW
GetConsoleFontInfo
GetConsoleKeyboardLayoutNameW
GetConsoleMode
GetConsoleTitleA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDefaultCommConfigA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStringsA
GetFileAttributesA
GetHandleInformation
GetLastError
GetLocalTime
GetModuleHandleW
GetNamedPipeInfo
GetNumberFormatA
GetPrivateProfileSectionNamesA
GetProcessTimes
GetStartupInfoW
GetSystemTime
GetVersion
GetWindowsDirectoryA
GlobalFindAtomW
GlobalFree
IsBadStringPtrA
IsBadWritePtr
LocalHandle
LocalLock
LocalUnlock
LockFile
Module32Next
OpenEventW
PrepareTape
Process32First
PurgeComm
ReadFile
RegisterWaitForInputIdle
RegisterWowExec
RtlMoveMemory
SetCommState
SetConsoleCursor
SetFileTime
SetHandleCount
SetLastError
SetTapePosition
SetupComm
Sleep
SystemTimeToFileTime
TransactNamedPipe
UnlockFileEx
VirtualFree
VirtualProtect
WaitForDebugEvent
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleInputVDMW
WriteConsoleOutputA
WriteProfileSectionW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA

user32

AdjustWindowRect
BroadcastSystemMessageW
CharLowerA
CharToOemW
CharUpperA
CharUpperW
CloseClipboard
CreateCaret
DdeQueryNextServer
DdeUnaccessData
DefWindowProcW
DestroyAcceleratorTable
DlgDirListA
DlgDirSelectComboBoxExW
DrawTextW
EndPaint
FindWindowA
FlashWindow
GetClipCursor
GetComboBoxInfo
GetCursor
GetCursorInfo
GetFocus
GetForegroundWindow
GetMenu
GetMenuBarInfo
GetParent
GetSysColor
GetSysColorBrush
GetSystemMenu
GetTabbedTextExtentW
GetWindowDC
GetWindowRgn
GetWindowTextA
GrayStringW
IMPQueryIMEA
InsertMenuW
InsertMenuItemA
InvalidateRect
InvalidateRgn
IsCharAlphaA
IsCharAlphaNumericW
IsCharLowerA
IsClipboardFormatAvailable
LoadCursorFromFileA
LoadStringA
MessageBoxIndirectA
OffsetRect
OpenInputDesktop
OpenWindowStationW
PostQuitMessage
RegisterClassA
RemovePropA
ScrollChildren
SendDlgItemMessageA
SendInput
SendNotifyMessageW
SetCapture
SetCaretBlinkTime
SetCaretPos
SetClassLongW
SetClipboardData
SetForegroundWindow
SetLastErrorEx
SetScrollRange
SetSysColors
SetUserObjectSecurity
UnhookWindowsHookEx
UnloadKeyboardLayout
UnregisterClassW
UnregisterHotKey

gdi32

AnimatePalette
CreateBitmapIndirect
CreateFontIndirectW
DeviceCapabilitiesExW
EndDoc
EnumFontFamiliesExA
ExtCreatePen
ExtSelectClipRgn
FrameRgn
GdiComment
GdiFlush
GdiGetBatchLimit
GetBkColor
GetBkMode
GetBoundsRect
GetClipBox
GetClipRgn
GetColorSpace
GetCurrentObject
GetGlyphOutlineW
GetKerningPairsW
GetPixel
GetPixelFormat
GetStockObject
GetTextCharsetInfo
GetViewportOrgEx
OffsetWindowOrgEx
PaintRgn
SelectClipPath
SetColorAdjustment
SetFontEnumeration
SetMapperFlags
SetPaletteEntries
SetStretchBltMode

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TAPU
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vphu
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5899854af4149db297f7ae74c5669491

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 64KB

.TAPU Size: 4KB - Virtual size: 32KB

.vphu Size: 3KB - Virtual size: 28KB

.rsrc Size: 73KB - Virtual size: 77KB

.reloc Size: 1024B - Virtual size: 7KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 64KB

.TAPU
Size: 4KB - Virtual size: 32KB

.vphu
Size: 3KB - Virtual size: 28KB

.rsrc
Size: 73KB - Virtual size: 77KB

.reloc
Size: 1024B - Virtual size: 7KB