Static task: static1
Behavioral task: behavioral1
Sample: fbcaed5d7fb89829acc9bb9a2406ae03_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: fbcaed5d7fb89829acc9bb9a2406ae03_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fbcaed5d7fb89829acc9bb9a2406ae03_JaffaCakes118
Size: 176KB
MD5: fbcaed5d7fb89829acc9bb9a2406ae03
SHA1: 393c22a67182c644c71ff496c0e54a98049bead4
SHA256: fa45b3dde7d15eb23cf29237b7fd8febcca847c818f538ea1a89314426592650
SHA512: 6aca58ab10f675a270bf66090289dadbafaad5ca0309f8e2790cf49510eb413cd10391e41a97e0434a7db9bebfc2d7a202f42e0742752d0f3d3224519bbe9705
SSDEEP: 3072:8GcfjBlGpl7TxIwCH+CnDQ1b8mNgzrPEwlba+ZJ844rE1QHY6D9ko5xZ:qGplhIwg+CDkgHXEw5844o1Ql5PjZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fbcaed5d7fb89829acc9bb9a2406ae03_JaffaCakes118
Files
fbcaed5d7fb89829acc9bb9a2406ae03_JaffaCakes118.exe windows:4 windows x86 arch:x86
6553cf38b3307fc189426d748b3f6a5f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsFree
GetACP
FreeLibraryAndExitThread
ReadFile
GetStringTypeW
GetCPInfo
TerminateProcess
InterlockedCompareExchange
HeapAlloc
SizeofResource
InterlockedDecrement
UnhandledExceptionFilter
SetErrorMode
GetProcessHeap
GetConsoleMode
WaitForSingleObjectEx
WideCharToMultiByte
GetFileSize
GetVersionExW
Sleep
FormatMessageW
IsDebuggerPresent
GetFileType
WriteFile
GetCommandLineA
SetFilePointer
GetSystemInfo
GlobalFree
CreateFileA
CreateFileW
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
GetOEMCP
GetCurrentProcessId
FlushFileBuffers
LocalAlloc
RaiseException
HeapFree
GetCurrentProcess
SetEvent
GetModuleHandleW
SetEndOfFile
GetFileAttributesW
FreeLibrary
GetVersionExA
GetCurrentThreadId
WaitForSingleObject
LoadLibraryW
TryEnterCriticalSection
GetFileSizeEx
HeapDestroy
InterlockedExchange
CreateThread
FindFirstFileW
MultiByteToWideChar
GetCommandLineW
TlsGetValue
HeapReAlloc
GetModuleFileNameW
GetStartupInfoA
lstrlenA
GetFileAttributesA
LeaveCriticalSection
FreeEnvironmentStringsW
DeleteCriticalSection
ExitProcess
GetStdHandle
SetHandleCount
GetLastError
LoadResource
LoadLibraryA
GlobalAlloc
GetSystemTimeAsFileTime
LoadLibraryExW
HeapCreate
SetLastError
SetUnhandledExceptionFilter
TlsSetValue
LCMapStringW
GetTickCount
EnterCriticalSection
GetEnvironmentStringsW
CreateEventA
CreateEventW
SetStdHandle
RegisterWaitForSingleObject
GetModuleFileNameA
TlsAlloc
LocalFree
CloseHandle
SetFilePointerEx
lstrlenW
FindClose
QueryPerformanceCounter
GetModuleHandleA
InterlockedIncrement
VirtualAllocEx
user32
DefWindowProcW
GetMenuItemCount
SetMenuItemInfoA
CreateWindowExA
DestroyWindow
GetKeyState
MoveWindow
MessageBeep
DrawFocusRect
AdjustWindowRectEx
ReleaseCapture
OffsetRect
ShowWindowAsync
SetWindowLongW
ClientToScreen
UnregisterClassA
SetActiveWindow
RegisterClassW
SetCapture
SetWindowPos
LoadStringW
GetClientRect
GetCursorPos
InflateRect
PtInRect
GetMenuStringW
PostMessageW
DestroyMenu
GetActiveWindow
AllowSetForegroundWindow
DestroyIcon
TrackPopupMenu
LoadIconA
GetMenu
CheckMenuItem
CreateWindowExW
SetWindowTextW
SendMessageW
ReleaseDC
GetSubMenu
ole32
OleUninitialize
OleRegGetUserType
OleInitialize
CoRegisterMallocSpy
CoRegisterMessageFilter
CoReleaseMarshalData
CoSwitchCallContext
CoRevokeClassObject
CoTreatAsClass
CoSetProxyBlanket
CoTaskMemRealloc
CoSuspendClassObjects
CoRegisterClassObject
CoRevokeMallocSpy
CoRegisterChannelHook
CoTaskMemFree
CoTaskMemAlloc
CoRevertToSelf
CoResumeClassObjects
CoReleaseServerProcess
CoRevokeInitializeSpy
CoRegisterSurrogate
CoRegisterPSClsid
advapi32
CryptHashData
AdjustTokenPrivileges
OpenThreadToken
CryptAcquireContextA
FreeSid
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW
RegCreateKeyExA
CryptReleaseContext
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegDeleteValueW
RegEnumKeyExW
RegSetValueExA
GetTokenInformation
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetLengthSid
EqualSid
AddAccessAllowedAce
RegDeleteValueA
RegDeleteKeyA
CryptGenRandom
LookupPrivilegeValueA
AddAccessAllowedAceEx
CloseServiceHandle
CryptAcquireContextW
DeregisterEventSource
RegEnumValueA
RegEnumKeyExA
RevertToSelf
QueryServiceStatus
OpenServiceW
CryptDestroyHash
CryptCreateHash
InitializeAcl
msimg32
GradientFill
msvcrt
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
__setusermatherr
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ