fbf8f1bddd754de64fe8bfd0b8555a04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbf8f1bddd754de64fe8bfd0b8555a04_JaffaCakes118
Size

323KB
MD5

fbf8f1bddd754de64fe8bfd0b8555a04
SHA1

562859c5771f45be51f11b20a9fd50eb6b10d838
SHA256

f7f40a02e3df18ec99e961efbb1032d9df2e6a9629842e1e2b9d9c376690ba4c
SHA512

ff3690ec0d225a567d148c54f4185b5ac4fd3cc5ecb27eada35cafb99d107c430940a4621c58d6bece3413c952fabb16d7d31f94dbc0cd0d775d756109202272
SSDEEP

3072:1S43feG+hXlZAWUlSsRi4IoCWJsLSBJqnmbZSnVAQwEI4iKYuXvNsQoFUbpO5QX:Gw74iPuXvj2E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf8f1bddd754de64fe8bfd0b8555a04_JaffaCakes118

Files

fbf8f1bddd754de64fe8bfd0b8555a04_JaffaCakes118
.exe windows:5 windows x86 arch:x86

16c81d67d63c6e1103d25bb5396f82ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DFM1gCeg

Imports

crypt32

CryptSIPLoad
CertNameToStrA
CryptMemRealloc
CertGetSubjectCertificateFromStore

msvcrt

fgetwc

shlwapi

PathSetDlgItemPathW

oleaut32

VarBstrFromBool
GetActiveObject
UnRegisterTypeLi

opengl32

glBegin
glMultMatrixd

rasapi32

RasGetProjectionInfoA
RasGetConnectStatusA

ws2_32

WSACleanup

gdi32

GetTextCharset
AddFontResourceA
SetDCPenColor
ModifyWorldTransform
ExtSelectClipRgn

advapi32

AddAuditAccessAceEx
GetFileSecurityW
LogonUserA
DuplicateToken
RegCloseKey
ReadEventLogA

kernel32

GetBinaryTypeA
GetTempPathW
FlsFree
EnumSystemLocalesW
GetModuleFileNameA
EnterCriticalSection

user32

GetInputState
GetMessageExtraInfo
DrawCaption
DialogBoxParamW
CharLowerBuffW
TrackPopupMenu
MessageBeep
GetMessagePos
wsprintfA
GetDialogBaseUnits

winspool.drv

FindNextPrinterChangeNotification

iphlpapi

GetNetworkParams

ole32

OleCreateFromData
CLSIDFromString
OleCreateStaticFromData

winscard

SCardLocateCardsW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16c81d67d63c6e1103d25bb5396f82ad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

crypt32

msvcrt

shlwapi

oleaut32

opengl32

rasapi32

ws2_32

gdi32

advapi32

kernel32

user32

winspool.drv

iphlpapi

ole32

winscard

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 2KB - Virtual size: 1KB

.pdata Size: 2KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 200KB - Virtual size: 199KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 2KB - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 200KB - Virtual size: 199KB

.rsrc
Size: 16KB - Virtual size: 15KB