fb6ba9e1fe76dda4d553570dc9bd2f83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb6ba9e1fe76dda4d553570dc9bd2f83_JaffaCakes118
Size

584KB
MD5

fb6ba9e1fe76dda4d553570dc9bd2f83
SHA1

20d28219737c51b4d347e4474ef02c284d096dd9
SHA256

7a66df36797ff1ad6b8b39af56be681a4babba2bb2a0b3101f2fe79931bd0750
SHA512

584a518bcafe502f3f388dd87e7a0182f774cf9c91988533a911784c7bdc759ad366b82e0bb2aebe2c1f91323ac9968b74656562288e77f2fc68ce3b090a83fd
SSDEEP

6144:FDPYWre7hwYRAQLjMJ9S5h83Jpa4+sozOxz2l78xxI8uzKFUFYmPLf9G9VwIy8Zq:xPYIdyoJMzcz2lo0t7qL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb6ba9e1fe76dda4d553570dc9bd2f83_JaffaCakes118

Files

fb6ba9e1fe76dda4d553570dc9bd2f83_JaffaCakes118
.dll windows:4 windows x86 arch:x86

66e581b87ab9ae5811ad796442c48751

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
GetTimeZoneInformation
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileA
CompareStringW
CompareStringA
InterlockedExchange
HeapSize
RtlUnwind
InitializeCriticalSection
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCPInfo
UnhandledExceptionFilter
SetEnvironmentVariableW
SetEnvironmentVariableA
FlushFileBuffers
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
FileTimeToLocalFileTime
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
WideCharToMultiByte
DeleteCriticalSection
HeapFree
HeapReAlloc
HeapAlloc
GetVersionExA
CreateThread
GetCurrentThreadId
ExitThread
GetFileAttributesA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
GetModuleHandleA
ExitProcess
FindClose
FindNextFileA
FindFirstFileA
GetExitCodeThread
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetLastError
FormatMessageA
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
GetCurrencyFormatA
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
ReadFile
Beep

advapi32

RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegCloseKey

msvcrt

memset

Exports

Exports

fwjah

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66e581b87ab9ae5811ad796442c48751

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.data Size: 552KB - Virtual size: 550KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 17KB

.data
Size: 552KB - Virtual size: 550KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 4KB - Virtual size: 1KB