fb56e3d08b3fdf0be79c01e56f983dd8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb56e3d08b3fdf0be79c01e56f983dd8_JaffaCakes118
Size

212KB
MD5

fb56e3d08b3fdf0be79c01e56f983dd8
SHA1

6c3f595864e5430173b1018cc23421a47bc439a7
SHA256

ab0e0ccfa6e63535550aefa8ba2b837167b38503762ec8e7b5dd26b0477bf023
SHA512

7eaabc937b6cdd91a190b92e6d7753b5b59bdcc4c8a1b2be543e58a9725a20a35ea6aea9a24a82a3fcda647de3df570f0041ff08090af1da563b7e5dd622e804
SSDEEP

3072:eQ4v5oz+cLoETQk1NPDOoKP8Svt84WcEGq0yjCwOeqbYo2OGBD6/m0bXrI+R:QWO0ryoIvvecZeOYomBDsmK3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb56e3d08b3fdf0be79c01e56f983dd8_JaffaCakes118

Files

fb56e3d08b3fdf0be79c01e56f983dd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

730de725764ec3203a79eb1f4f8a208a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW
DragQueryFileA
ExtractAssociatedIconW
ExtractIconA
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderW
SHCreateDirectoryExA
SHCreateDirectoryExW
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathA
SHGetPathFromIDList
SHGetSettings
ShellExecuteA
ShellExecuteEx
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconA

gdi32

CopyEnhMetaFileA
CreateDCA
CreateDIBitmap
CreateHatchBrush
CreateICW
EndPage
EnumFontsA
GetBrushOrgEx
GetClipBox
GetCurrentObject
GetCurrentPositionEx
GetEnhMetaFileBits
GetObjectA
GetOutlineTextMetricsA
GetPaletteEntries
GetPixel
GetTextColor
GetWinMetaFileBits
GetWindowExtEx
OffsetClipRgn
Rectangle
SetAbortProc
SetGraphicsMode
SetPolyFillMode
SetRectRgn
SetViewportExtEx
StartPage
StrokePath

comctl32

CreateToolbarEx
ImageList_AddMasked
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_GetIconSize
ImageList_LoadImageW
ImageList_Read
ImageList_SetDragCursorImage
ImageList_SetIconSize
InitCommonControlsEx
PropertySheetA
PropertySheetW

kernel32

DisableThreadLibraryCalls
FileTimeToLocalFileTime
FreeEnvironmentStringsA
GetACP
GetFileSize
MultiByteToWideChar
SetThreadPriority
TerminateProcess
VirtualFree
VirtualQuery

user32

ClientToScreen
DestroyMenu
DestroyWindow
DispatchMessageA
DrawIconEx
EqualRect
GetClassInfoA
GetCursorPos
GetDlgItem
GetParent
GetWindow
GetWindowTextA
LoadIconA
RedrawWindow
RegisterWindowMessageA
ReleaseCapture
ScreenToClient
ScrollWindow
SetRect
SetWindowPos
WindowFromPoint

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

nA76qYql
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

730de725764ec3203a79eb1f4f8a208a

Headers

File Characteristics

Imports

shell32

gdi32

comctl32

kernel32

user32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

nA76qYql Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

nA76qYql
Size: 2KB - Virtual size: 120KB