fbcaa30674f5e383d5e6fdc4d5a72b34_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbcaa30674f5e383d5e6fdc4d5a72b34_JaffaCakes118
Size

152KB
MD5

fbcaa30674f5e383d5e6fdc4d5a72b34
SHA1

0c3fbd9d8580b28e6062ef6ecc9d236b8999f3ad
SHA256

9feab45dd2ea5d9b6c6ecb0295807a6421fe93f7bd4c2f39176b13a396b63452
SHA512

02ed175c90e1fe2673d6d9ac96551dd88195931526706e65afbbdedf5d6833685d761e04a3ff625f98c5675c4bd783b05c5b8fb53e46a0fb9929aa7da289889f
SSDEEP

3072:teNUswnOObqPX8I6bbnH2tLVoBv52b8IJc6KC:t4U09fdEbnHQLE2j6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbcaa30674f5e383d5e6fdc4d5a72b34_JaffaCakes118

Files

fbcaa30674f5e383d5e6fdc4d5a72b34_JaffaCakes118
.dll windows:4 windows x86 arch:x86

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
lstrlenA
CreateDirectoryA
GetTempPathA
GetPrivateProfileStructA
WritePrivateProfileSectionA
LoadResource
LockResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GetCurrentProcess
GetSystemDirectoryW
GetVolumePathNameW
GetVolumeInformationW
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetDriveTypeW
InterlockedDecrement
InterlockedIncrement
FindResourceExW
GetStringTypeA
LCMapStringW
lstrcpyA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
GetStringTypeW
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
ExitProcess
GetVersion
RtlUnwind
LocalFree
LocalAlloc
FormatMessageA
FormatMessageW
OpenEventA
OpenSemaphoreA
OutputDebugStringA
GlobalUnlock
CopyFileA
SetVolumeLabelA
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpW
GetExitCodeThread
GetVersionExW
GetPrivateProfileStringW
GlobalFree
SearchPathW
GetWindowsDirectoryW
CreateFileW
lstrcmpiW
CloseHandle
GlobalAlloc
lstrcpyW
CreateThread
Sleep
GetModuleHandleW
lstrcpynW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
GetCommandLineA
LCMapStringA
VirtualProtect

user32

SetWindowLongW
GetParent
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamW
LoadImageW
MapDialogRect
SetWindowPos
DestroyIcon
GetWindowRect
GetSystemMetrics
CreateDesktopA
FindWindowA
OemToCharA
CharToOemBuffA
IsCharLowerA
PostMessageW
SendMessageW
LoadStringW
MessageBoxW
RegisterWindowMessageA
ShowWindow
GetDlgItem
SetForegroundWindow
EndDialog
SetDlgItemTextW
wsprintfW
SetFocus
EnableWindow
SendDlgItemMessageW
WinHelpW
CharNextW
CharPrevW
GetDlgItemTextW
DialogBoxParamA

advapi32

GetNamedSecurityInfoW
GetAclInformation
GetAce
IsValidSid
GetLengthSid
CopySid
GetSecurityDescriptorOwner
LogonUserW
GetSecurityDescriptorLength
MakeSelfRelativeSD
ConvertSidToStringSidW
OpenThreadToken
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorControl
AddAccessAllowedAceEx
SetNamedSecurityInfoW
RegSetValueW
GetSecurityDescriptorControl
EqualSid
GetSecurityDescriptorDacl
ConvertStringSidToSidW
BuildTrusteeWithSidW
GetEffectiveRightsFromAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegQueryValueExW
IsValidSecurityDescriptor
RegCloseKey
CloseServiceHandle
ChangeServiceConfigA
AbortSystemShutdownA
RegQueryValueExA
IsTextUnicode

gdi32

CreateFontIndirectW
CreateDCA
GetOutlineTextMetricsA
DeleteObject
GetObjectW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57d9aebecf49a972498cc6b7d314b90c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 44KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 44KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB