fb6a5365b913c79245f53e297653ba72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb6a5365b913c79245f53e297653ba72_JaffaCakes118
Size

28KB
MD5

fb6a5365b913c79245f53e297653ba72
SHA1

870e9fedb0b0f1412fd99ab2fa33a8ce6387b02a
SHA256

2f85cb5ed6af7c8c8038e3cb59cb99a715adf95250c02b51462d0e5cd4cc901e
SHA512

004c104fa923993bf72b4432a2a74360250068b3b0a4a43fbe2b8ef41a48aa5e7f94cd8029221c5f821d2b097fbade0aa957d29ab49c297adc84d140dac601b6
SSDEEP

384:yJ7EABqjRGTohxjp4uNirsWAUbE1N+IOMXba8INORPBvIhA3POVg6KxHA:4h4NFWA9XOs28jYG3POyLxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb6a5365b913c79245f53e297653ba72_JaffaCakes118

Files

fb6a5365b913c79245f53e297653ba72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

23f7ca2a4f09e0fb738b49385ae7d2fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
CreateEventW
WinExec
SetThreadPriority
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryW
ExitThread
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WaitForSingleObject
CreateFileW
DeviceIoControl
GetVersionExW
CreateMutexW
CloseHandle
GetVersion
Sleep
QueryPerformanceCounter
GetLastError
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
RtlUnwind
VirtualQuery
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
HeapFree
VirtualFree
GetCommandLineA
GetVersionExA
GetStartupInfoA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
GetUserNameW

user32

SetTimer
GetMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
KillTimer
PostMessageW
IsIconic
ShowWindow
SetForegroundWindow
DefWindowProcW
BeginPaint
EndPaint
DestroyWindow
CreateWindowExW
RegisterClassW
FindWindowW

shell32

ShellExecuteW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23f7ca2a4f09e0fb738b49385ae7d2fd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 8KB