fb2b791d3e23b2d6226e02655c5e54c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb2b791d3e23b2d6226e02655c5e54c2_JaffaCakes118
Size

556KB
MD5

fb2b791d3e23b2d6226e02655c5e54c2
SHA1

ebaf83dab2da1ace662d3874c0f73fd682894a12
SHA256

ab851880bda572ffc321273ddae3f245e861180dd41cf1ba5e079f531b69ddbf
SHA512

3b060eb274f063d726cc0232b63e4ced126e34189b09ba5126f08ba1eab0540315c50ddde5a6cac79ceb81c73e11f0df96850e4c32943fa7e8febffab1d22884
SSDEEP

12288:WCbUpOA/W2oXcNN47WpRx3mKBCRIJZie1/:/yOA/zDNN4eJmKBgIJZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb2b791d3e23b2d6226e02655c5e54c2_JaffaCakes118

Files

fb2b791d3e23b2d6226e02655c5e54c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab3229957fa6784abf24a0eba2ca6be1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
HeapSize
HeapReAlloc
GetVersionExA
GetProfileSectionA
lstrcat
FreeLibrary
GetCurrentProcessId
SetEnvironmentVariableA
CreateFileA
GetCurrentThreadId
FindFirstFileExW
CompareStringA
FindResourceExW
LeaveCriticalSection
GetModuleFileNameA
HeapDestroy
GetCurrentThread
WriteFile
GetEnvironmentStrings
FormatMessageW
LoadLibraryA
LCMapStringW
ReadFile
TerminateProcess
Sleep
GetLocaleInfoA
SetFilePointer
SetHandleCount
IsDebuggerPresent
FreeEnvironmentStringsA
EnumCalendarInfoA
ExitProcess
VirtualFree
GetEnvironmentStringsW
InterlockedIncrement
TlsAlloc
GetLocaleInfoW
SetLastError
VirtualQuery
TlsGetValue
GetCommandLineA
IsValidLocale
GetPrivateProfileSectionNamesW
GetStdHandle
DeleteCriticalSection
RtlUnwind
GetProcessHeap
GetCPInfo
GetModuleFileNameW
GetCalendarInfoW
CloseHandle
CreateMutexA
FlushFileBuffers
LCMapStringA
HeapFree
GetConsoleMode
ReadFileEx
OpenMutexA
GetConsoleOutputCP
SetUnhandledExceptionFilter
HeapAlloc
GetUserDefaultLCID
CompareStringW
GetACP
QueryPerformanceCounter
FillConsoleOutputCharacterW
VirtualAlloc
InitializeCriticalSection
GetTimeZoneInformation
GetStringTypeW
GetTickCount
SetConsoleCursorInfo
WriteConsoleW
IsValidCodePage
GetTimeFormatA
GetLastError
GetCommandLineW
CompareFileTime
WaitCommEvent
GetStringTypeA
SetStdHandle
GetStartupInfoW
EnterCriticalSection
GetConsoleCP
MultiByteToWideChar
GetCurrentProcess
GetStartupInfoA
TlsFree
GetFileType
HeapCreate
GetProcAddress
GetSystemTimeAsFileTime
RtlZeroMemory
WriteConsoleA
GetOEMCP
SetConsoleCtrlHandler
WideCharToMultiByte
UnhandledExceptionFilter
GetNamedPipeHandleStateW
GetModuleHandleA
InterlockedExchange
FreeEnvironmentStringsW
InterlockedDecrement
TlsSetValue
EnumSystemLocalesA

comctl32

ImageList_DrawEx
ImageList_GetImageRect
InitCommonControlsEx

user32

CharUpperBuffA
WinHelpA
PeekMessageW
RegisterClassA
GetParent
SetFocus
GetWindowThreadProcessId
ShowWindow
OemToCharBuffW
GetQueueStatus
GetKeyboardLayout
DefWindowProcW
LoadAcceleratorsA
DestroyWindow
CreateWindowExW
CallMsgFilterA
RegisterClassExA
GetWindowContextHelpId
EnumPropsW
MessageBoxA
GetCaretBlinkTime
EndDialog
DdeSetQualityOfService

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab3229957fa6784abf24a0eba2ca6be1

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 108KB - Virtual size: 115KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 108KB - Virtual size: 115KB

.rsrc
Size: 16KB - Virtual size: 14KB