fbe8ae5f28523a29d1f3a7363a119521_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbe8ae5f28523a29d1f3a7363a119521_JaffaCakes118
Size

1.7MB
MD5

fbe8ae5f28523a29d1f3a7363a119521
SHA1

d7256774728fd8ef39add969f0c6016107a7bec0
SHA256

fd9d25f3ca132e010e5e519694c58cb36e54e8c247a9e2a1ee71985fc0d56d40
SHA512

ec70f1a6b1296886075b8c6e476584007d8525f7c3011f60ca2467ebed82b965403eed652b2a6ed2ebddcce8906f251d9ce14a547d6e7dce678ddfd654ffb67b
SSDEEP

12288:mMHGwmp6yEteZgrggpBvxy2z4JT08yIYotgz58cQ6yH/ddOD++BJnEnCMoCRYDwB:mMmwmptergiBvxRSG8ugddtk8YDVHE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbe8ae5f28523a29d1f3a7363a119521_JaffaCakes118

Files

fbe8ae5f28523a29d1f3a7363a119521_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53505419554a19daa1a1b5816ece88a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wintrust

CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust

advapi32

RegDeleteKeyW
RegCloseKey
RegDeleteValueW

kernel32

WaitForSingleObject
WriteFile
ReadFile
GetSystemTime
TzSpecificLocalTimeToSystemTime
LocalFileTimeToFileTime
FormatMessageW
FindResourceW
GetSystemDirectoryW
GetTempPathW
FindFirstFileW
OpenJobObjectW
IsValidCodePage
GetOEMCP
CompareStringW
LCMapStringW
GetSystemDefaultLangID
GetConsoleWindow
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapReAlloc
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW
HeapAlloc
VirtualAlloc
GetModuleFileNameW

user32

GetSystemMetrics
GetSubMenu
TrackPopupMenu
GetMenuInfo
DrawTextW
GetDC
GetDCEx
ShowScrollBar
SetWindowTextW
FillRect
CopyRect
CreateIcon
DestroyIcon
DrawIconEx
GetScrollInfo
WinHelpW
GetTitleBarInfo
DdeUninitialize
CharPrevW
CharUpperW
CheckRadioButton

crypt32

CertFreeCRLContext
CryptHashPublicKeyInfo
CertNameToStrW
CertAddStoreToCollection
CryptAcquireCertificatePrivateKey
CryptEnumOIDInfo
CertCloseStore
CryptEncodeObject

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a3oe2
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sw6rtn
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hatte
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1on5a
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53505419554a19daa1a1b5816ece88a9

Headers

File Characteristics

Imports

wintrust

advapi32

kernel32

user32

crypt32

Sections

.text Size: 82KB - Virtual size: 82KB

.data Size: 107KB - Virtual size: 6.6MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.a3oe2 Size: 537KB - Virtual size: 536KB

.sw6rtn Size: 381KB - Virtual size: 381KB

.hatte Size: 293KB - Virtual size: 293KB

.1on5a Size: 230KB - Virtual size: 230KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 82KB - Virtual size: 82KB

.data
Size: 107KB - Virtual size: 6.6MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.a3oe2
Size: 537KB - Virtual size: 536KB

.sw6rtn
Size: 381KB - Virtual size: 381KB

.hatte
Size: 293KB - Virtual size: 293KB

.1on5a
Size: 230KB - Virtual size: 230KB

.rsrc
Size: 107KB - Virtual size: 106KB