Tasks
  static1       Static task
  behavioral1   Behavioral task   Sample: facfa14a6dc90dd3da722a1dba451bb4_JaffaCakes118.exe   Resource: win7-20240903-en
  behavioral2   Behavioral task   Sample: facfa14a6dc90dd3da722a1dba451bb4_JaffaCakes118.exe   Resource: win10v2004-20240802-en
General
  Target:  facfa14a6dc90dd3da722a1dba451bb4_JaffaCakes118
  Size:    431KB
  MD5:     facfa14a6dc90dd3da722a1dba451bb4
  SHA1:    dedb5e35950aacc762655d5e11fdea910d86f2d8
  SHA256:  4d1fcb002017ac2c4cd3c4bdaf301ba75f7a51bd74433fea88aeda94a88685da
  SHA512:  75ed860f3090120c8a129cd2d91ab9457a06d204e613ef9ac343d4ad4e17676c169d44079c73ed3745a4625292471a086c72a892d1d0f65dbd8b282fca35bb81
  SSDEEP:  12288:yvQpFR+miI0luTfriM9LKllWiWCyidVPmz3ylxdBC:jRQI0gTfaTWz8j+TufB
Malware Config
  (no configuration extracted)
Signatures
  Unsigned PE (1 IoC)
    Checks for missing Authenticode signature.
    resource: facfa14a6dc90dd3da722a1dba451bb4_JaffaCakes118
Files
  facfa14a6dc90dd3da722a1dba451bb4_JaffaCakes118.exe   windows:4 windows x86 arch:x86
  83ceccf56e991097dc796e45eb5ef60e
  Headers
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LINE_NUMS_STRIPPED | IMAGE_FILE_LOCAL_SYMS_STRIPPED | IMAGE_FILE_32BIT_MACHINE
  Imports (grouped by DLL, in the order the import table lists them)
    wininet:   UnlockUrlCacheEntryFileW, InternetCloseHandle, CommitUrlCacheEntryW, CreateUrlCacheEntryW, InternetAttemptConnect, InternetSetFilePointer, IsHostInProxyBypassList, InternetHangUp, InternetQueryFortezzaStatus, CommitUrlCacheEntryA, SetUrlCacheHeaderData, ShowCertificate, CreateUrlCacheContainerA, InternetReadFile, InternetSetCookieA, InternetGetConnectedStateExW, InternetSetDialState, InternetSetOptionW, InternetGetCertByURLA, InternetOpenA, InternetTimeFromSystemTime
    shell32:   CommandLineToArgvW, SHUpdateRecycleBinIcon, InternalExtractIconListW, SHGetPathFromIDList, ShellExecuteW, SHQueryRecycleBinW, SHGetDesktopFolder, SHGetSpecialFolderPathA, RealShellExecuteExW, RealShellExecuteExA, SHEmptyRecycleBinA, ExtractAssociatedIconA, SHAddToRecentDocs
    comdlg32:  ChooseFontW, FindTextA, ChooseColorW, PrintDlgW, GetOpenFileNameW, PageSetupDlgA
    advapi32:  LookupSecurityDescriptorPartsA, RegQueryValueExW, CryptAcquireContextA, CryptSetKeyParam, RevertToSelf, RegQueryMultipleValuesW, RegSetValueA, InitializeSecurityDescriptor, CryptVerifySignatureA, StartServiceW, CryptEnumProviderTypesA, RegDeleteValueA, RegRestoreKeyW, RegEnumKeyW, RegCloseKey, CryptGenRandom, CryptContextAddRef, LookupPrivilegeDisplayNameA, CryptSetProviderExW
    kernel32:  HeapAlloc, VirtualAlloc, HeapFree, IsValidLocale, TlsGetValue, SystemTimeToFileTime, GetEnvironmentStringsW, IsValidCodePage, WideCharToMultiByte, EnterCriticalSection, GetFileType, GetCurrentThreadId, FindAtomW, RtlUnwind, GetStartupInfoA, GetStringTypeA, MultiByteToWideChar, GetSystemInfo, GetCurrentProcess, FindResourceA, HeapReAlloc, GetTimeFormatA, InterlockedExchange, SetThreadPriority, GetStdHandle, SetConsoleCursorInfo, LocalUnlock, IsBadWritePtr, LCMapStringW, HeapCreate, LCMapStringA, InterlockedExchangeAdd, TlsFree, lstrcpy, CreateSemaphoreW, VirtualFree, GetSystemTimeAsFileTime, GetLogicalDrives, TlsSetValue, InitializeCriticalSection, GetEnvironmentStrings, lstrlenA, CreateRemoteThread, UnhandledExceptionFilter, LoadLibraryW, GetModuleHandleA, DeleteCriticalSection, HeapSize, GetCommandLineA, GetLastError, FreeEnvironmentStringsA, WriteConsoleA, GetProcAddress, GetFileAttributesExW, GetModuleFileNameA, GetCurrentThread, GetVersionExA, GetTimeZoneInformation, CopyFileExA, SetEnvironmentVariableA, GetLocaleInfoW, GetLocaleInfoA, TlsAlloc, LoadLibraryA, GetACP, SetHandleCount, EnumSystemLocalesA, GetCurrentProcessId, QueryPerformanceCounter, GlobalGetAtomNameA, GetTickCount, FreeEnvironmentStringsW, GetCPInfo, GetStringTypeW, SetLastError, CompareStringA, CompareStringW, VirtualQuery, LeaveCriticalSection, ExitProcess, GetUserDefaultLCID, CreateWaitableTimerW, SetConsoleCP, GetEnvironmentStringsA, GetOEMCP, GetDateFormatA, VirtualProtect, TerminateProcess, WriteFile, HeapDestroy
    user32:    SetRectEmpty, CreateWindowExA, BlockInput, BeginDeferWindowPos
  Note: outside the kernel32 block, which is mostly the usual C runtime start-up set, the import list is a scatter of unrelated one-off APIs (InternetQueryFortezzaStatus, SHUpdateRecycleBinIcon, ChooseFontW, LookupSecurityDescriptorPartsA, PageSetupDlgA). Import tables like this are commonly padded to resemble a legitimate application, so the static list is a weak guide to what the sample actually does. The entries worth watching at runtime are VirtualAlloc, VirtualProtect and CreateRemoteThread (the standard remote-injection primitives), BlockInput (blocks keyboard and mouse input), StartServiceW, and the Reg*/Crypt* functions.
  Sections
    .text   Size: 145KB   Virtual size: 145KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
    .data   Size: 273KB   Virtual size: 272KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
    .rsrc   Size: 11KB    Virtual size: 11KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
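Added worked example (not code from the report or from the sandbox that produced it): a small PE header walker that performs the static checks the report summarises above, namely the File Characteristics flags, the "Unsigned PE" test (an empty IMAGE_DIRECTORY_ENTRY_SECURITY data directory, i.e. no Authenticode certificate table), and the per-section flags. It also reads the optional header's MajorOperatingSystemVersion, which I assume is the source of the report's `windows:4` tag. The image it parses is constructed in memory to mirror this sample's header layout (same characteristics, same three sections with the same flags and sizes, no certificate table); `build_sample_pe`, `parse_pe` and `suspicious_sections` are names chosen here, not a library API.

```python
"""Static PE header checks of the kind a sandbox summarises: File Characteristics,
the 'Unsigned PE' test (empty Authenticode/security data directory), the OS version
field, and per-section flags.  The image parsed below is constructed in memory."""
import struct

IMAGE_FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_SCN_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # DataDirectory slot of the certificate table


def _flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Walk DOS header -> PE signature -> COFF -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, DataDirectory at +96
        nrva_off, dd_off = 92, 96
    elif magic == 0x20B:  # PE32+: 8-byte ImageBase/stack/heap fields shift both by 16
        nrva_off, dd_off = 108, 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    os_major, os_minor = struct.unpack_from("<HH", data, opt + 40)
    nrva = struct.unpack_from("<I", data, opt + nrva_off)[0]
    cert_size = 0
    if nrva > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, cert_size = struct.unpack_from("<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _flag_names(sflags, IMAGE_SCN_FLAGS)})
    return {
        "machine": machine,
        "os_version": "%d.%d" % (os_major, os_minor),
        "characteristics": _flag_names(chars, IMAGE_FILE_CHARACTERISTICS),
        # 'Unsigned PE' = no certificate table at all.  A non-empty table only
        # says a signature blob is present, not that it verifies (WinVerifyTrust).
        "unsigned": cert_size == 0,
        "sections": sections,
    }


def suspicious_sections(info):
    """Sections both writable and executable: a common packer / self-modifying-code tell."""
    return [s["name"] for s in info["sections"]
            if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]]


def build_sample_pe(characteristics, sections, cert=(0, 0)):
    """Construct a header-only PE32 image (constructed test input, not a real binary)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)        # e_lfanew: PE header right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, characteristics)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)           # PE32 magic
    struct.pack_into("<HH", opt, 40, 4, 0)          # MajorOperatingSystemVersion 4.0
    struct.pack_into("<I", opt, 92, 16)             # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *cert)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, va, rs, rp, 0, 0, 0, 0, fl)
                    for n, vs, va, rs, rp, fl in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs


# Constructed image mirroring the report's layout: same characteristics, three
# sections with the same flags and sizes, no certificate table.
SAMPLE_PE = build_sample_pe(
    0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100,
    [(".text", 145 * 1024, 0x1000, 145 * 1024, 0x400, 0x60000020),
     (".data", 272 * 1024, 0x26000, 273 * 1024, 0x24C00, 0xC0000040),
     (".rsrc", 11 * 1024, 0x6A000, 11 * 1024, 0x69000, 0x40000040)])

if __name__ == "__main__":
    info = parse_pe(SAMPLE_PE)
    print("unsigned:", info["unsigned"], "| os:", info["os_version"], "|", info["characteristics"])
    for s in info["sections"]:
        print("%-6s raw=%7d virt=%7d  %s" % (s["name"], s["raw_size"], s["virtual_size"], " | ".join(s["flags"])))
    print("W+X sections:", suspicious_sections(info))
```

To run it against a real file, call `parse_pe(open(path, "rb").read())`. Two caveats the report itself implies: the "Unsigned PE" check only tests for the absence of a certificate table, so a present-but-invalid signature would pass it (on Windows, `Get-AuthenticodeSignature` or `signtool verify /pa` does the actual validation), and the section flags here are clean (code is RX, data is RW), so the W+X heuristic in `suspicious_sections` returns nothing for this layout; it is included to show the failure mode that check is meant to catch on packed samples.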