fb61dd688d78f5da3349d0595a466cc5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb61dd688d78f5da3349d0595a466cc5_JaffaCakes118
Size

184KB
MD5

fb61dd688d78f5da3349d0595a466cc5
SHA1

0faa2535f6fcf94563073b3c75ce047bd70ac269
SHA256

cdb127ca68e4001d188e0e8d38d6a6363ac34e4d2654f1b313e5c90834945ab3
SHA512

92caa9a7d1dcb74b517ac31175f9e09131bd95a4d6dd20991059cfd4362a5a3a4213b348ab3178533b8a354b72d8b071723672338c3d90c3b941b5c70a8197f8
SSDEEP

3072:H8vfad4MM9ZWhM23wlaIk2lHMABk7Tqy1xgd:HQfMMah7wlauls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb61dd688d78f5da3349d0595a466cc5_JaffaCakes118

Files

fb61dd688d78f5da3349d0595a466cc5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f6689eebe785aa778314bdd2483a9f0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyA
GetUserNameA
RegEnumKeyA

kernel32

GlobalGetAtomNameA
SetErrorMode
FreeLibrary
GetCurrentThreadId
CreateEventA
GetThreadPriority
HeapDestroy
HeapCreate
SetEvent
GlobalFree
lstrcmpA
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetLocaleInfoA
CreateFileA
DeviceIoControl
GetUserDefaultLangID
Sleep
CreateThread
GetCurrentThread
SetThreadPriority
InitializeCriticalSection
GetTickCount
SetProcessShutdownParameters
WaitForSingleObject
GetCommandLineA
GetProcessHeap
GetStartupInfoA
WinExec
GetModuleHandleA
ExitProcess
GetPrivateProfileStringA
GetCurrentProcessId
GetModuleFileNameA
HeapFree
HeapAlloc
GetLastError
CreateProcessA
IsBadReadPtr
lstrcatA
lstrlenA
GetSystemDirectoryA
GetProfileStringA
EnterCriticalSection
GetWindowsDirectoryA
SetCurrentDirectoryA
CloseHandle
LeaveCriticalSection
lstrcpynA
LoadLibraryA
lstrcmpiA
lstrcpyA
SetLastError
GetProcAddress
FormatMessageA
GetDateFormatA
SetSystemPowerState
LocalAlloc
GetVersionExA
InterlockedExchange
ord99
RaiseException

gdi32

SetTextColor
GetDeviceCaps
CreateRectRgnIndirect
GetObjectA
CreateCompatibleDC
GetTextExtentPointA
CreateCompatibleBitmap
DeleteDC
SelectObject
SetBkColor
ExtTextOutA
CreateFontIndirectA
DeleteObject
GetClipBox

user32

GetMenuState
EnableMenuItem
ScreenToClient
GetSystemMenu
GetSystemMetrics
PostMessageA
GetMessagePos
GetWindow
RegisterWindowMessageA
CreateWindowExA
SetWindowLongA
SetScrollPos
GetClientRect
MapWindowPoints
RedrawWindow
InflateRect
EqualRect
UnionRect
SetTimer
DefWindowProcA
GetSysColor
GetFocus
GetKeyState
PtInRect
GetCursorPos
RegisterClassExA
GetClassInfoExA
IsWindowEnabled
IsChild
RegisterClassA
RemoveMenu
GetSubMenu
LoadMenuA
ReleaseDC
DestroyIcon
LoadImageA
GetDC
SetRect
CopyRect
GetDlgCtrlID
CallWindowProcA
SetWindowPlacement
BroadcastSystemMessage
SendNotifyMessageA
UpdateWindow
LoadBitmapA
ShowWindow
TrackPopupMenuEx
TranslateAcceleratorA
LoadAcceleratorsA
GetMenuItemCount
CharUpperBuffA
GetMenuItemInfoA
SetActiveWindow
SubtractRect
InvalidateRect
AdjustWindowRectEx
SetRectEmpty
CheckDlgButton
IsWindow
GetForegroundWindow
MoveWindow
SetWindowRgn
IsMenu
SetCursor
PostQuitMessage
GetActiveWindow
MessageBeep
PostThreadMessageA
SendMessageTimeoutA
UnregisterHotKey
RegisterHotKey
ChangeDisplaySettingsA
EndPaint
DrawEdge
BeginPaint
ModifyMenuA
SetMenuDefaultItem
DeleteMenu
TrackPopupMenu
ClientToScreen
LoadIconA
RemovePropA
SetPropA
AppendMenuA
InsertMenuItemA
InsertMenuA
EnumChildWindows
SetWindowTextA
EnumDisplaySettingsA
SetMenuItemInfoA
IsWindowVisible
SwitchToThisWindow
DrawCaptionTempA
EndTask
CascadeWindows
TileWindows
SendMessageCallbackA
KillTimer
GetLastActivePopup
IsRectEmpty
GetWindowLongA
SetScrollInfo
GetScrollInfo
SetWindowPos
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindowRect
WaitMessage
WindowFromPoint
SetForegroundWindow
LoadStringA
MessageBoxA
EnumWindows
GetWindowThreadProcessId
CharPrevA
GetShellWindow
FindWindowA
SystemParametersInfoA
wsprintfA
MsgWaitForMultipleObjects
TranslateMessage
CharNextA
CreatePopupMenu
GetMenuDefaultItem
DestroyMenu
PeekMessageA
DispatchMessageA
GetAsyncKeyState
GetDesktopWindow
SetClassLongA
LoadCursorA
GetClassNameA
GetParent
SetFocus
SendMessageA
GetDlgItem
EnableWindow
IsDlgButtonChecked
DestroyWindow
SendDlgItemMessageA
GetWindowTextA
ShowWindowAsync

shlwapi

PathStripToRootA
PathFindExtensionA
ord16
SHRegGetUSValueA
StrCmpNIA
PathIsRootA
StrToIntA
StrChrA
ord8
ord9
ord10
SHGetValueA
StrRChrA
PathFindFileNameA
PathRemoveFileSpecA
PathGetArgsA
PathUnquoteSpacesA

comctl32

ord324
ord234
InitCommonControlsEx
ord323
ord321
ord322
ord326
ord332
CreatePropertySheetPageA
ord325
ord334
ord328
ord336
ord327
ImageList_Remove
PropertySheetA
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Destroy
ImageList_SetBkColor
ImageList_Create
ImageList_GetImageCount
ord329
ImageList_Draw
ImageList_GetIconSize
ord320

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6689eebe785aa778314bdd2483a9f0e

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shlwapi

comctl32

Sections

.text Size: 80KB - Virtual size: 78KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 80KB - Virtual size: 78KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 80KB - Virtual size: 78KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 80KB - Virtual size: 78KB

.reloc
Size: 12KB - Virtual size: 12KB