fb4a37f471761853aaafeb1f5fd8c328_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb4a37f471761853aaafeb1f5fd8c328_JaffaCakes118
Size

162KB
MD5

fb4a37f471761853aaafeb1f5fd8c328
SHA1

77c1142790560378229d7310833f32558a02a4a9
SHA256

3ccb778ac863452a239986ac50b1620a806c3d1ecdf978603d43a7dcc46579f8
SHA512

6300568eb92acbcac902cb94e2aba518c86f1726e26f89ba7cbc1d08039687d7cd5f75f67e0bf0a271ef2cd74dac1b03be36f52d05ffcdae7a89b4410dcc07d9
SSDEEP

3072:QuNQNXm7ojeM6vHASAkOf/Iglnb1JDv/IvagS9fb0/x2uAFPWoxckcy6:QuNcX9KKkOf/Iglnb1JD/IvagYb0/4F2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb4a37f471761853aaafeb1f5fd8c328_JaffaCakes118

Files

fb4a37f471761853aaafeb1f5fd8c328_JaffaCakes118
.exe windows:3 windows x86 arch:x86

0cdc99e19a045303fa0d6681cf3add37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_vsnwprintf
_XcptFilter
memmove
__dllonexit
_isnan
_onexit
__CxxFrameHandler
?terminate@@YAXXZ
_purecall
memcpy
_amsg_exit
floor
_initterm
free
_CxxThrowException
malloc
_callnewh
_lock
memset
_unlock

kernel32

EnumResourceLanguagesW
CreateFileW
Module32Next
GetUserDefaultUILanguage
GetComputerNameA
WaitForMultipleObjects
CancelWaitableTimer
WaitCommEvent
ReleaseSemaphore
IsProcessorFeaturePresent
RtlUnwind
CreateSemaphoreA
GetFirmwareEnvironmentVariableW
ExitVDM
DeleteCriticalSection
GetTickCount
ReleaseMutex
ReadFile
GetCommandLineA
SetTimeZoneInformation
SizeofResource
GetProcessAffinityMask
CreateMutexA
GetProcAddress
BuildCommDCBA
GetCurrentProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetEnvironmentVariableA
DebugBreak
ReadConsoleOutputCharacterA
LoadResource
CancelTimerQueueTimer
UnhandledExceptionFilter
AddConsoleAliasW
QueryPerformanceCounter
WriteProfileStringA
InterlockedCompareExchange
GlobalGetAtomNameA
WaitForMultipleObjectsEx
GetPrivateProfileSectionW
CreateFileA
SetConsoleActiveScreenBuffer
CreateProcessInternalW
ReleaseActCtx
lstrcmpi
OutputDebugStringA
DeleteFiber
GetVersion
RegisterConsoleIME
InterlockedExchange
CloseHandle
UnregisterConsoleIME
GetPrivateProfileSectionNamesA
LockResource
GetTempPathA
GetNumberFormatA
Sleep
Toolhelp32ReadProcessMemory
OpenFileMappingA
RegisterConsoleVDM
TerminateProcess
UnregisterWait
InterlockedDecrement
OpenFileMappingW
SetComputerNameW
GetSystemPowerStatus
WaitForSingleObject
MultiByteToWideChar
LeaveCriticalSection
FindResourceA
GetWindowsDirectoryW
VerifyConsoleIoHandle
DefineDosDeviceA
DebugBreak
GetConsoleNlsMode
RemoveLocalAlternateComputerNameA
EnumDateFormatsA
EnterCriticalSection
SetUnhandledExceptionFilter
DebugActiveProcess
GetConsoleCursorMode
GetFullPathNameW
WideCharToMultiByte
CmdBatNotification
GetNamedPipeInfo
MapViewOfFile
GetCurrentProcessId
EnumerateLocalComputerNamesW
LZOpenFileW
FindResourceW
GetConsoleKeyboardLayoutNameA
OpenProfileUserMapping
GetLastError
GetConsoleMode
BaseUpdateAppcompatCache
InterlockedIncrement
FreeLibrary
GetFileSizeEx
CreateEventW

ole32

CreateStreamOnHGlobal

gdi32

DeleteObject

dsprop

ADsPropSetHwnd
DllCanUnloadNow

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dQ
Size: 2KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dQPyL
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VjUpo
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Sf
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.tgvlGv
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lNvNX
Size: 3KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LV
Size: 2KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cCjTu
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nl
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cdc99e19a045303fa0d6681cf3add37

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

gdi32

dsprop

Sections

.text Size: 15KB - Virtual size: 15KB

.dQ Size: 2KB - Virtual size: 31KB

.dQPyL Size: 2KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.VjUpo Size: 3KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 20KB

.Sf Size: 1KB - Virtual size: 2KB

.tgvlGv Size: 1KB - Virtual size: 34KB

.lNvNX Size: 3KB - Virtual size: 44KB

.LV Size: 2KB - Virtual size: 35KB

.cCjTu Size: 2KB - Virtual size: 5KB

.nl Size: 2KB - Virtual size: 5KB

.rsrc Size: 110KB - Virtual size: 109KB

.text
Size: 15KB - Virtual size: 15KB

.dQ
Size: 2KB - Virtual size: 31KB

.dQPyL
Size: 2KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.VjUpo
Size: 3KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 20KB

.Sf
Size: 1KB - Virtual size: 2KB

.tgvlGv
Size: 1KB - Virtual size: 34KB

.lNvNX
Size: 3KB - Virtual size: 44KB

.LV
Size: 2KB - Virtual size: 35KB

.cCjTu
Size: 2KB - Virtual size: 5KB

.nl
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 110KB - Virtual size: 109KB