fbfe3974170420c07d0f0b09bddf2bb4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbfe3974170420c07d0f0b09bddf2bb4_JaffaCakes118
Size

268KB
MD5

fbfe3974170420c07d0f0b09bddf2bb4
SHA1

8d037158f46ec7f5d5b58c9b9e6a0ba35b45ab46
SHA256

757ee2e4ed0fe9f46e98c9cd2746ec40d0ceeaccbf4af08111985c860ab35525
SHA512

7426ec0a45eae8a0432923b593fbfa19398f4fff94eb1996f210a439bbc3eb4d16f75f2203a1a55da4047587ba5317e0d0787459105541f6debae2248d032df9
SSDEEP

6144:qynfkGG/XeUOXMmiQ+SaAi9fm601GnS8WANrP7AQhx:qynfQeUOsSPoa1CN/AC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbfe3974170420c07d0f0b09bddf2bb4_JaffaCakes118

Files

fbfe3974170420c07d0f0b09bddf2bb4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

653bbb9dcc787fd1a6ac085e49ddb771

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
OpenProcess
SetWaitableTimer
CreateWaitableTimerW
CancelWaitableTimer
WaitForSingleObject
CreateEventW
CreateThread
Sleep
SetFileAttributesW
lstrcmpiW
GetDriveTypeW
WinExec
SetEvent
GetLastError
LocalFree
lstrcpyW
LocalAlloc
FormatMessageW
CreateFileW
ReadFile
WriteFile
GetFileSize
CloseHandle
GetFileAttributesW
DeleteFileW
GetProcAddress
LoadLibraryW
lstrcpynW
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceExW
lstrcmpW
GetComputerNameW
GetLocalTime
GetModuleFileNameW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
GetLogicalDriveStringsW
DisableThreadLibraryCalls
MoveFileExW
lstrlenA

user32

GetWindowTextW
GetWindowThreadProcessId
wsprintfA
wsprintfW
OpenWindowStationW
OpenDesktopW
EnumDesktopWindows
CloseDesktop
EnumDesktopsW
EnumWindowStationsW
GetWindowTextLengthW

shell32

StrStrIW
StrChrW
StrStrW
StrRChrW

shlwapi

StrToIntW

psapi

GetModuleBaseNameW

msvcrt

__dllonexit
??1type_info@@UAE@XZ
_onexit
_CxxThrowException
strlen
_adjust_fdiv
strchr
memset
malloc
_initterm
memcpy
_lrotr
_lrotl
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
free

msvcp60

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

Exports

Exports

fix
g
lk

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

653bbb9dcc787fd1a6ac085e49ddb771

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

psapi

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 166KB - Virtual size: 166KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 166KB - Virtual size: 166KB

.reloc
Size: 5KB - Virtual size: 5KB