facc034084ae1c645e02b68717d1dc01_JaffaCakes118

General

Target

facc034084ae1c645e02b68717d1dc01_JaffaCakes118
Size

54KB
MD5

facc034084ae1c645e02b68717d1dc01
SHA1

5d5cb7ae2ab6396de82e31a4b234891df1f177c7
SHA256

6024f31636067331a864eb1088afc04722bec1bc525e1324b6d237f4037766d6
SHA512

fe524c530843be46cbd8e306ed20f348ab0935920e0d9946b36e5ba5a9909e6dc802c305f7d75212cf4ceefd9a5588b8ed6c9d44fda3691386ff6d4063a84a6e
SSDEEP

1536:x/KXDNDermEbz0us5i9L0OEP1uLrXW4hYLMamCCtdhVc1:hC6rzIus+0vP1orm6Yv8rVc1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
facc034084ae1c645e02b68717d1dc01_JaffaCakes118

Files

facc034084ae1c645e02b68717d1dc01_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1971e14a5bd97ba9c0742c446f17fc41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupSeek
CopyFileExW
CreateFiber
ExitProcess
FindNextFileW
FoldStringA
GetConsoleCursorInfo
GetDiskFreeSpaceA
GetEnvironmentStringsA
GetFullPathNameW
GetProcessAffinityMask
GetThreadLocale
GetTimeFormatA
HeapValidate
LoadLibraryExW
LocalCompact
MoveFileExA
OpenFile
QueryPerformanceFrequency
ReadConsoleOutputA
ReadConsoleW
RemoveDirectoryW
RtlZeroMemory
ScrollConsoleScreenBufferA
WriteConsoleW
lstrcat

advapi32

CloseServiceHandle
CryptAcquireContextW
CryptEnumProvidersA
CryptSetProvParam
CryptSetProviderExA
EnumDependentServicesA
EnumServicesStatusW
EqualPrefixSid
GetAccessPermissionsForObjectW
GetSecurityDescriptorDacl
GetSecurityDescriptorLength
GetSidSubAuthorityCount
GetTrusteeNameW
GetUserNameA
ObjectDeleteAuditAlarmA
OpenSCManagerW
RegEnumKeyExW
RegEnumValueA
RegisterServiceCtrlHandlerW
ReportEventA
SetEntriesInAccessListA
SetNamedSecurityInfoExW
SetServiceBits

user32

ActivateKeyboardLayout
CharLowerBuffA
CreateWindowStationA
DdeCmpStringHandles
DdeFreeDataHandle
DdeInitializeA
DlgDirSelectComboBoxExW
EnumThreadWindows
FindWindowA
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuItemCount
GetWindowThreadProcessId
SendMessageCallbackW
SetDebugErrorLevel
SetDlgItemInt
SetPropA
SetWindowsHookA
ShowWindowAsync
TrackMouseEvent
TrackPopupMenuEx

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1971e14a5bd97ba9c0742c446f17fc41

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 52KB - Virtual size: 60KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 56KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 52KB - Virtual size: 60KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 56KB