fb6d0a31b6b23b87eb5b37884c8c1494_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb6d0a31b6b23b87eb5b37884c8c1494_JaffaCakes118
Size

180KB
MD5

fb6d0a31b6b23b87eb5b37884c8c1494
SHA1

a970e0187bf3f33ed511fcf5343097887792cc1f
SHA256

9535fc6ad6b7d984fc9138ac8004178aa652b3b22a0b5ea302b23acd9956e8d5
SHA512

cc0227f80062e73a5cbcdb45e5f93fb3d774ca0252c5066993003414cb89e3b5f300254999406deb123243eacbd379d16ad6ea4a736c4385ba99e3dd8240e25b
SSDEEP

3072:LhRqOgoD37xvNw/kzytGdHwbsW/Iuc/FZ4aWAXWPaNuGwehRWHROd0aicO3N:3qXoPxFw/GJdHwbL/IlZ4aWAGPaA3ARy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb6d0a31b6b23b87eb5b37884c8c1494_JaffaCakes118

Files

fb6d0a31b6b23b87eb5b37884c8c1494_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a6529f84e6083ab3ff44ca8950d617d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
SetEvent
SetEvent
CloseHandle
FreeLibrary
SetFilePointer
GetCurrentThreadId
GetProcessHeap
GetModuleHandleA
VirtualAlloc
SetEvent
InterlockedDecrement
GetModuleHandleW
SetFilePointer
LoadLibraryW
WideCharToMultiByte
GetProcessHeap
WaitForSingleObject
DeleteCriticalSection
WideCharToMultiByte
lstrlenW
GetCommandLineW
SleepEx
FreeLibrary
GetModuleHandleA
FreeLibrary
SetEvent
CloseHandle
SetEvent
VirtualAlloc
GetStartupInfoW
HeapReAlloc
LeaveCriticalSection
Sleep
GetCurrentProcessId
GetCommandLineA
GetModuleHandleA
GetStartupInfoA

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExW
RegQueryInfoKeyW
RegSetValueExA
RegOpenKeyW
GetLengthSid
RegDeleteValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExA
RegEnumKeyExW
RegOpenKeyExA
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyW
InitializeSecurityDescriptor
RegCreateKeyExA
AddAccessAllowedAce
RegCreateKeyExA
AllocateAndInitializeSid
RegQueryValueExA
GetLengthSid
RegEnumKeyExW
RegQueryValueExW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
RegOpenKeyExA
AllocateAndInitializeSid
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
GetLengthSid
CloseServiceHandle
RegOpenKeyW
GetLengthSid
RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeAcl

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectW
GetStockObject
GetDeviceCaps
DeleteDC
GetDeviceCaps
CreateCompatibleDC
GetObjectW
SetBkMode
TextOutW
MoveToEx
GetDeviceCaps
CreateCompatibleBitmap
SetTextColor
LineTo
BitBlt
DeleteObject
TextOutW
DeleteObject
GetObjectW
LineTo
DeleteObject
PatBlt
DeleteObject
DeleteDC
CreateBitmap
GetStockObject
GetStockObject
BitBlt
GetDeviceCaps
SetTextColor
CreateBitmap
BitBlt
BitBlt
GetStockObject
MoveToEx
MoveToEx

shell32

SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW
Shell_NotifyIconW
Shell_NotifyIconW
DragFinish
Shell_NotifyIconW
SHGetFileInfoW
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetFolderPathW
SHGetSpecialFolderPathW
DragAcceptFiles
SHChangeNotify
SHGetPathFromIDListW
CommandLineToArgvW
ExtractIconW
DragAcceptFiles
SHGetDesktopFolder
SHChangeNotify
ExtractIconW
Shell_NotifyIconW
SHGetMalloc
SHGetMalloc
CommandLineToArgvW
SHChangeNotify
SHGetSpecialFolderLocation
DragAcceptFiles
ExtractIconW
DragFinish
SHGetPathFromIDListW
ShellExecuteExW

user32

SetCapture
DestroyWindow
GetWindow
LoadIconW
GetSystemMetrics
ShowWindow
PostQuitMessage
GetParent
GetDesktopWindow
GetWindowLongW
SetTimer
GetDesktopWindow
DestroyWindow
SystemParametersInfoW
GetFocus
DestroyWindow
LoadStringA
GetSysColor
GetWindowTextW
EndDialog
DialogBoxParamW
SetWindowTextW
FillRect
GetSubMenu
LoadCursorW
SendMessageW
MapWindowPoints
DestroyIcon
SetForegroundWindow
EnableWindow
MoveWindow
GetParent
SetCapture
SendMessageW
DrawTextW
MessageBeep
CopyRect
IsWindow
KillTimer

Sections

.text
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a6529f84e6083ab3ff44ca8950d617d

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

shell32

user32

Sections

.text Size: 49KB - Virtual size: 52KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 123KB - Virtual size: 124KB

.rsrc Size: 1024B - Virtual size: 156KB

.text
Size: 49KB - Virtual size: 52KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 123KB - Virtual size: 124KB

.rsrc
Size: 1024B - Virtual size: 156KB