fba091b624bba67f6b0751a561dbee80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fba091b624bba67f6b0751a561dbee80_JaffaCakes118
Size

52KB
MD5

fba091b624bba67f6b0751a561dbee80
SHA1

c78e66159f922e5e8a5a2f6a1c59e245ee8938e4
SHA256

974a0147e5f3e80b90b62184c02adbbae98e154c1cda97539fe6f4a6382d31e1
SHA512

ad5b00d6429dea038b403121a1c5683f4bbea9bbfca79132554a0e7e5baf92d1a9800e9085f5bd90b01edc3a6a094c67db371f05d3e445af7df9e78fc7cc8971
SSDEEP

1536:QAvcKZlM77HBYCzgHVnkRrvQ0CUBxgcf/:BvyJdgHV+rvQvO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PatchFX.EXE

Files

fba091b624bba67f6b0751a561dbee80_JaffaCakes118
.zip
PatchFX.EXE
.exe windows:4 windows x86 arch:x86

61c819286fd844d125623ed2789d111d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetCurrentDirectoryA
WriteFile
GetLastError
GetFileSize
FreeLibrary
LoadLibraryA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetCurrentProcess
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
GetProcAddress
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CloseHandle
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
HeapDestroy
WideCharToMultiByte
GetCPInfo
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetACP
GetOEMCP
SetHandleCount
GetFileType

user32

SendDlgItemMessageA
MessageBoxA
GetWindowTextA
SetWindowTextA
EndDialog
GetDlgItem
GetSysColor
DialogBoxParamA
ShowWindow

comdlg32

GetOpenFileNameA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
URL.txt
readme.txt
resfutil.wav

Sharing

General

Malware Config

Signatures

Files

61c819286fd844d125623ed2789d111d

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 1024B

.data Size: 10KB - Virtual size: 10KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 1024B

.data
Size: 10KB - Virtual size: 10KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 31KB - Virtual size: 30KB