fbd31e7f33638868869f642783e2a57b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbd31e7f33638868869f642783e2a57b_JaffaCakes118
Size

407KB
MD5

fbd31e7f33638868869f642783e2a57b
SHA1

fe66224cd698895a46dd161f5140f741dcfd27b4
SHA256

dc54bc79c91fbab8ae8600bc8f059c7b318b6be15f8ed4d7181b10edc7dde705
SHA512

d346cce281560f222d483932f2a28a3d7b467f8f512b056cd78ca84300cd169a189d69f50e7d8902211ccd03d9f075ef2ad5e605a78b9efd28696e5e2fc1d1c2
SSDEEP

6144:SKQCIiwcYT7zGT6EkCZ2PLJKg+e4k8oAQkVTQDTnWfXiqb+T+elu9ru:SxiwcYfznigKg+1kEQzvWfXxb+1lM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbd31e7f33638868869f642783e2a57b_JaffaCakes118

Files

fbd31e7f33638868869f642783e2a57b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b85e622618345ee8bce5d38b5f9b4be5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDuplicateHash
RegDeleteValueA
CryptGetDefaultProviderA
RegQueryInfoKeyW
LookupSecurityDescriptorPartsA
RegSetValueW
CryptReleaseContext
RevertToSelf
RegEnumKeyExA

shell32

SheChangeDirA
FindExecutableA
DragQueryFileW
SHFormatDrive
InternalExtractIconListA

gdi32

EndDoc
GetStretchBltMode

user32

CreatePopupMenu
SetWindowContextHelpId
CallNextHookEx
DdeDisconnectList
GetParent
SwitchToThisWindow
PackDDElParam
GetMenuStringA
GetWindowWord
GetWindowRect
UnregisterClassA
SendMessageW
DialogBoxIndirectParamA
CreateAcceleratorTableW
GetLastActivePopup
CopyRect
GetTabbedTextExtentA
IsCharAlphaNumericA
RegisterClassA

kernel32

GetCurrentProcess
InitializeCriticalSection
GetOEMCP
GetEnvironmentStringsW
CreateWaitableTimerW
GetFileType
TlsSetValue
IsBadWritePtr
DeleteCriticalSection
GetPrivateProfileStringA
VirtualProtect
IsValidLocale
GetLocaleInfoA
GetSystemDirectoryA
LeaveCriticalSection
GetUserDefaultLCID
GetEnvironmentVariableA
FreeEnvironmentStringsA
GetLocaleInfoW
TlsAlloc
SetLastError
MoveFileExA
SystemTimeToTzSpecificLocalTime
HeapCreate
VirtualFree
GetStartupInfoW
HeapSize
ExitProcess
GetStartupInfoA
SetHandleCount
GlobalSize
HeapDestroy
GetVersionExA
GetModuleHandleA
WriteConsoleOutputW
GetTimeFormatA
IsValidCodePage
HeapFree
EnumSystemLocalesA
EnterCriticalSection
FreeEnvironmentStringsW
GetTimeZoneInformation
GetTickCount
VirtualQuery
VirtualAlloc
VirtualLock
SetEnvironmentVariableA
FindFirstFileW
GlobalLock
WideCharToMultiByte
GetModuleFileNameA
GetCurrentProcessId
TlsGetValue
GetCommandLineA
LCMapStringW
ConvertDefaultLocale
GetEnvironmentStrings
LockResource
EnumDateFormatsExA
GetStringTypeW
RtlUnwind
GetLastError
GetStringTypeA
GetVersion
HeapAlloc
ReadConsoleInputA
GetCPInfo
MultiByteToWideChar
GetSystemTimeAsFileTime
EnumSystemLocalesW
WriteFile
UnhandledExceptionFilter
GetStdHandle
FindNextChangeNotification
GetCommandLineW
HeapReAlloc
FindNextFileA
GetModuleFileNameW
SetComputerNameW
LoadLibraryA
GetACP
GetDateFormatA
GetProcAddress
GetSystemInfo
TerminateProcess
InterlockedExchange
QueryPerformanceCounter
TlsFree
WaitForMultipleObjectsEx
GetAtomNameA
CompareStringW
GetLongPathNameW
CreateWaitableTimerA
CompareStringA
LCMapStringA
GetCurrentThreadId
GetCurrentThread

comdlg32

ReplaceTextW

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b85e622618345ee8bce5d38b5f9b4be5

Headers

File Characteristics

Imports

advapi32

shell32

gdi32

user32

kernel32

comdlg32

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 8KB - Virtual size: 16KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 8KB - Virtual size: 16KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 7KB - Virtual size: 7KB