fb8ea9d893f83719b534f8fc4ba22072_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb8ea9d893f83719b534f8fc4ba22072_JaffaCakes118
Size

1.4MB
MD5

fb8ea9d893f83719b534f8fc4ba22072
SHA1

6e3e3d44a7e544672c5f892bc1e70cd9ae7c34d3
SHA256

03498cce72a7f114c600e58ed96bb90e30ecfb81c8b415ccc3a64a4cbd99dfd5
SHA512

2e4db8f48b1edf335cda615020ca9e63f73136da80a1c8a418af005d41492b21f4361077013cb319a50ac46faff2db87140a5a45745630381918741b52066ee8
SSDEEP

24576:jw8goJzM7RNztKXk5z/wQI9AAXbToLzIBDt28pbqpcjB8z8KEQTe9z:eoJoFN5KcTebToLz8DzpbyiyGQTe9z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb8ea9d893f83719b534f8fc4ba22072_JaffaCakes118

Files

fb8ea9d893f83719b534f8fc4ba22072_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fad8f1f2334c05134d37df6890de438

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
WriteFile
GetTempFileNameA
GetFileSize
GetWindowsDirectoryA
FindClose
FindFirstFileA
GetExitCodeProcess
WaitForSingleObject
OpenProcess
CreateFileA
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryA
GetCurrentDirectoryA
GetCurrentProcess
GetVersionExA
LocalFree
LocalAlloc
GetTempPathA
GetShortPathNameA
SetFilePointer
ReadFile
DeleteFileA
WritePrivateProfileStringA
WinExec
CreateProcessA
FreeLibrary
VirtualAlloc
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
CloseHandle
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
LCMapStringA
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
SetLastError
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
RtlUnwind
GetCPInfo

user32

SystemParametersInfoA
MessageBoxA
wsprintfA
ExitWindowsEx

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegFlushKey
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

ole32

CoInitialize
CoUninitialize

oleaut32

LoadTypeLi
RegisterTypeLi

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fad8f1f2334c05134d37df6890de438

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

version

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 4KB