fbd1a4627ba50742b71174cbcb233a85_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fbd1a4627ba50742b71174cbcb233a85_JaffaCakes118
Size

245KB
MD5

fbd1a4627ba50742b71174cbcb233a85
SHA1

94ea6a8411a180c497eb80b2682071e921e46f9c
SHA256

5fc4261d33b0eea85a44c493ef41eb45ead3d2d991ee4f64fbe29747986a0b90
SHA512

09ede4513c7897d7c997799ad78090f6b3e7ea6b21c1101ba76a46688d14a8b1ed6decfff400e5095a31b61c1dab871db91d226316e8372e3acb3536f32dc021
SSDEEP

6144:t2JIOJJ+dbzx6yUjic6vLD+Pa0i2Ev/Lf0hedtHCu:t2EdH8K5DD+PE9/4hedtZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbd1a4627ba50742b71174cbcb233a85_JaffaCakes118

Files

fbd1a4627ba50742b71174cbcb233a85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c526332a58c0a0df07cfac586180b73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetAtomNameA
GetEnvironmentVariableA
SetCurrentDirectoryW
MulDiv
CopyFileExA
CreateDirectoryA
lstrcpyn
GlobalDeleteAtom
BeginUpdateResourceW
IsValidLocale
CreateNamedPipeW
GetProcAddress
GetDateFormatW
GetEnvironmentStringsW
GetVersionExW
GetCurrentThread
GetVersion
lstrcmpA
GetCalendarInfoW
GetCurrentProcessId
CompareFileTime
GetCurrentThreadId
GetCurrentDirectoryA

user32

MessageBoxA
PeekMessageA
CopyIcon
DefWindowProcW
LoadImageA
SendDlgItemMessageA
GetDCEx
GetClassInfoW
GetDlgItemInt
GetClassInfoA
InvalidateRect
RegisterClassW
CreatePopupMenu
IsDlgButtonChecked
WinHelpW
wvsprintfW
MessageBoxIndirectA
EnableWindow
SetCapture
RegisterWindowMessageA
SetTimer
GetDesktopWindow
RegisterWindowMessageW
CreateMenu
GetKeyboardLayout
PostMessageW
GetFocus
CharLowerA
SetWindowTextW
WaitForInputIdle
GetMenuInfo
SetWindowTextA
MonitorFromRect
OpenClipboard
IsChild
CharNextA
GetSysColor
EnumWindows
SendMessageW
CreateWindowExW
LoadCursorW
DestroyIcon
LoadCursorA
GetMessageA
EnumClipboardFormats
CreateDesktopA
DestroyCursor
CreateDialogParamA
CreateDialogIndirectParamW

gdi32

GetMetaFileA
CreateICW
CreateDIBSection
CreateMetaFileA
CreateFontIndirectExW
CreateFontW
DeleteObject
CreateSolidBrush
TranslateCharsetInfo
UpdateICMRegKeyW
CreateICA
CreateDIBPatternBrush
GetRasterizerCaps
CreateFontIndirectW
CreateCompatibleDC
GetTextExtentPointW
CreateFontIndirectExA
CreateScalableFontResourceA
GetEnhMetaFileA
StretchDIBits
ExtCreateRegion
AddFontResourceW
GetEnhMetaFileW
CreateBrushIndirect
GdiGetBatchLimit
CreateMetaFileW
GetObjectType
UpdateICMRegKeyA
CreateBitmap
SelectBrushLocal
GetEnhMetaFilePixelFormat

advapi32

RegQueryInfoKeyW
RegSetValueA
RegCreateKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegRestoreKeyW
RegEnumKeyExA
RegOpenKeyW
RegSaveKeyW
RegQueryValueExW
RegFlushKey
RegDeleteValueW
RegQueryMultipleValuesA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueA
RegSaveKeyA
RegCreateKeyA

shell32

ExtractIconA
ExtractAssociatedIconExW
StrRStrIW
SHGetDiskFreeSpaceExW
StrCmpNIA
StrStrIW
ExtractIconW
ExtractIconExW
SHGetDiskFreeSpaceExA

opengl32

glColor3fv
glEvalCoord1f
glEvalPoint1
glRectiv
glColor3d
glIsTexture
glEvalCoord2f
glRectsv
glRasterPos2sv
glLightfv
glTexCoord1i
glLightModelf
glEdgeFlagPointer
glNormal3iv
glIndexPointer
wglUseFontOutlinesA
glTexCoord4sv
glTexGend
glColor4ubv

version

GetFileVersionInfoW
VerFindFileA
GetFileVersionInfoSizeA
VerFindFileW
GetFileVersionInfoA
VerInstallFileW
VerQueryValueA
VerQueryValueW
VerInstallFileA

oledlg

OleUIChangeSourceA
OleUIEditLinksA
OleUIAddVerbMenuW
OleUIConvertW
OleUIEditLinksW
OleUIPasteSpecialA
OleUIPromptUserW
OleUIConvertA
OleUIBusyA

sqlunirl

_CharNext_@4
_GetModuleFileName@12
_RegisterClass_@4
_PageSetupDlg_@4
_OpenEventLog_@8
_MoveFile@8
_CreateDirectory_@8
_SetEnvironmentVariable_@8
_FindFirstFile_@8
_GetMenuItemInfo_@16
newMultiByteFromWideCharSize
_InsertMenuItem_@16
_WriteConsoleInput_@16
_DlgDirListComboBox_@20

wsock32

listen
select
NPLoadNameSpaces
rresvport
SetServiceA
GetAddressByNameA
WSApSetPostRoutine
rexec
WSAAsyncGetProtoByNumber
recvfrom
inet_addr
GetTypeByNameW
TransmitFile
SetServiceW
WEP
WSAAsyncGetServByName
setsockopt
WSAAsyncSelect
htons

Sections

.OIoldg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MQcu
Size: 512B - Virtual size: 461KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MVbcQK
Size: 1024B - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iMhUij
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.riZBA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Crv
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.inQuH
Size: 2KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fEBaB
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IQphDu
Size: 16KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c526332a58c0a0df07cfac586180b73

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

opengl32

version

oledlg

sqlunirl

wsock32

Sections

.OIoldg Size: 4KB - Virtual size: 4KB

.MQcu Size: 512B - Virtual size: 461KB

.MVbcQK Size: 1024B - Virtual size: 250KB

.iMhUij Size: 89KB - Virtual size: 88KB

.riZBA Size: 12KB - Virtual size: 12KB

.Crv Size: 6KB - Virtual size: 16KB

.inQuH Size: 2KB - Virtual size: 322KB

.fEBaB Size: 92KB - Virtual size: 92KB

.IQphDu Size: 16KB - Virtual size: 69KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.OIoldg
Size: 4KB - Virtual size: 4KB

.MQcu
Size: 512B - Virtual size: 461KB

.MVbcQK
Size: 1024B - Virtual size: 250KB

.iMhUij
Size: 89KB - Virtual size: 88KB

.riZBA
Size: 12KB - Virtual size: 12KB

.Crv
Size: 6KB - Virtual size: 16KB

.inQuH
Size: 2KB - Virtual size: 322KB

.fEBaB
Size: 92KB - Virtual size: 92KB

.IQphDu
Size: 16KB - Virtual size: 69KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B