fac6576c6edc92fbddb73fa70ee6167b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fac6576c6edc92fbddb73fa70ee6167b_JaffaCakes118
Size

2.3MB
MD5

fac6576c6edc92fbddb73fa70ee6167b
SHA1

7479d660442066f60cc761b4cdeab791ef4aa7c9
SHA256

30978b8cfa59531baa882568bf303acd19851f1aa7096128bebd1a4bce4c1f1d
SHA512

107c6d22bf00a70b26e1ebc2e13c8d649e53b7b0c813e454f809cf1724b070f05787108cb276ec3f9e097b6aab2d03d6ba58164202f0df0950b4afcfe7485a4d
SSDEEP

24576:SQzi9/SIk+kfmap7td1buica+/r48/LS3SiiGDO:S19/XK+aJtmnZk7U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fac6576c6edc92fbddb73fa70ee6167b_JaffaCakes118

Files

fac6576c6edc92fbddb73fa70ee6167b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

39fb0f4b388a5e7f1bf8ff31f9bb20dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

UnregisterGPNotification
LeaveCriticalPolicySection

winscard

SCardFreeMemory

user32

FreeDDElParam
GetIconInfo
CopyIcon
CopyImage
DestroyIcon
DrawFocusRect
ShowCursor
AdjustWindowRect
ShowScrollBar
ScrollWindowEx
SetMenuDefaultItem
CreatePopupMenu
GetDlgItemInt
EndDialog
IsIconic
PeekMessageW

kernel32

CloseHandle
CreateFileW
WideCharToMultiByte
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
GlobalAlloc
GlobalFree
VirtualAlloc
HeapDestroy
HeapAlloc
HeapSize
EnterCriticalSection
DeleteCriticalSection
ReleaseMutex
SetCommConfig
MulDiv
GetSystemInfo
CompareFileTime
lstrcmpiW
CreateEventW
GetModuleFileNameW
GetModuleHandleW
GetFullPathNameW
MoveFileWithProgressW
GetACP
GetCPInfo
GetCPInfoExW
LCMapStringW
GetThreadLocale
GetConsoleWindow
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
LoadLibraryExW
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsDebuggerPresent
IsValidCodePage
GetOEMCP
LeaveCriticalSection
HeapFree

advapi32

RegDeleteKeyW

wininet

InternetCrackUrlW
InternetOpenW
InternetSetOptionW
HttpSendRequestW
HttpOpenRequestW

winspool.drv

AddJobW

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 698KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.o64010
Size: 708KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbt6y
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0a0he
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39fb0f4b388a5e7f1bf8ff31f9bb20dd

Headers

File Characteristics

Imports

userenv

winscard

user32

kernel32

advapi32

wininet

winspool.drv

Sections

.text Size: 102KB - Virtual size: 102KB

.data Size: 698KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.o64010 Size: 708KB - Virtual size: 708KB

.tbt6y Size: 358KB - Virtual size: 358KB

.0a0he Size: 109KB - Virtual size: 108KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 102KB - Virtual size: 102KB

.data
Size: 698KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.o64010
Size: 708KB - Virtual size: 708KB

.tbt6y
Size: 358KB - Virtual size: 358KB

.0a0he
Size: 109KB - Virtual size: 108KB

.rsrc
Size: 362KB - Virtual size: 362KB