fbf5ed43c1ea5cd06880a097853efab8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbf5ed43c1ea5cd06880a097853efab8_JaffaCakes118
Size

163KB
MD5

fbf5ed43c1ea5cd06880a097853efab8
SHA1

f682bdcc360cf109856fbabaffc1522e49546b09
SHA256

c21ad5c29f4d1ed8775e398cce04aa1cf17737490b5fa33e1a0a815ef95366fd
SHA512

4561a20b4ab26ff78e6d5ff6fd4b0131009d333f3661d87447da6c9ab4bb353cbf0f4d7f1ede9fbed2e335a09bf2692b188a618b44bfe5c9ecf68904b59699e5
SSDEEP

3072:PK+mttcAwwcitz9xCplVXopwppny/npY/QsJiwUSCZzi3QuX6:PK+StXlcM9xCFopwpDYXPZzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf5ed43c1ea5cd06880a097853efab8_JaffaCakes118

Files

fbf5ed43c1ea5cd06880a097853efab8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0da96a879abe6b03e80b720e419a3315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
EnableWindow
GetWindowTextW
GetLastActivePopup
GetWindowLongW
GetDC
LoadCursorW
MessageBoxW
CheckMenuItem
ModifyMenuW
EnableMenuItem
GetSysColor
GetSystemMetrics
LoadBitmapW
GetParent
GetMenuCheckMarkDimensions
IsWindowEnabled
GetSysColorBrush

kernel32

GetCommandLineA
VirtualProtect
GetShortPathNameW
RtlUnwind
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
SetFilePointer
HeapReAlloc
VirtualAlloc
SetUnhandledExceptionFilter
IsBadCodePtr
GetProcessAffinityMask
HeapSize
HeapCreate
GetStringTypeW
GetEnvironmentStrings
FlushFileBuffers
QueryPerformanceCounter
LCMapStringA
IsBadWritePtr
VirtualFree
TerminateProcess
GetOEMCP
EnumResourceTypesW
GetSystemInfo
GetTickCount
WriteFile
HeapAlloc
SetStdHandle
VirtualQuery
GetCPInfo
GetStringTypeA
HeapFree
IsBadReadPtr
GetSystemTimeAsFileTime
HeapDestroy
GetFileAttributesA
GetStartupInfoA
UnhandledExceptionFilter
GetCurrentProcessId
GetFileType
GetCurrentProcess
GetStdHandle
FreeEnvironmentStringsW
LCMapStringW
ExitProcess

shell32

SHGetSpecialFolderPathW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

gdi32

SetViewportExtEx
DeleteObject
ScaleWindowExtEx
SetTextColor
DeleteDC
SaveDC
GetClipBox
SetViewportOrgEx
GetDeviceCaps
SelectObject
Escape
SetWindowExtEx
SetBkColor
CreateBitmap
SetMapMode
RestoreDC
ScaleViewportExtEx
RectVisible
PtVisible
ExtTextOutW
OffsetViewportOrgEx
TextOutW
GetStockObject

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0da96a879abe6b03e80b720e419a3315

Headers

File Characteristics

Imports

user32

kernel32

shell32

shlwapi

advapi32

gdi32

winspool.drv

ole32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 100KB