fc0a1cbf1b375dbc2922086e92f7b339_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc0a1cbf1b375dbc2922086e92f7b339_JaffaCakes118
Size

472KB
MD5

fc0a1cbf1b375dbc2922086e92f7b339
SHA1

51bd3d277c2fa1e33083659168287e308a36b8e5
SHA256

481bd70b8bbd8798122688e97e600eca204e6b04f17503816a0c64b474971274
SHA512

e0b18581ed9ab1ed9763050d8fbcc2236757be771f7229f838fcaeefe6afef0ca7e9aced6a35d03f69d5ec7d5a9ed1b614404f3b1f47af73db520f340ee446e3
SSDEEP

12288:7sytkIwUFp98SRG3umJ1oUR+G12GEuDKQT4kyn/qfbqC/NuI7A:7xMUp98SRG3nJCUR+G27gzT4xCfOC/N5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc0a1cbf1b375dbc2922086e92f7b339_JaffaCakes118

Files

fc0a1cbf1b375dbc2922086e92f7b339_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a2c2bcc6992bcb8379f110bc07c3d0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetModuleFileNameA
FreeEnvironmentStringsA
VirtualQuery
WideCharToMultiByte
GetProcAddress
InterlockedIncrement
TlsAlloc
SetEnvironmentVariableA
LCMapStringA
ExitProcess
GetTimeZoneInformation
GetFileType
ReadFile
GetCurrentProcessId
GetCommandLineW
GetSystemTimeAsFileTime
InitializeCriticalSection
UnhandledExceptionFilter
SystemTimeToTzSpecificLocalTime
GetModuleFileNameW
TerminateProcess
TlsFree
HeapDestroy
HeapReAlloc
TlsGetValue
VirtualFree
GetEnvironmentStrings
GetTickCount
GetCommandLineA
SetLastError
CreateMutexA
InterlockedDecrement
GetCPInfo
SetHandleCount
EnumDateFormatsExW
WriteFile
GetEnvironmentStringsW
HeapAlloc
LCMapStringW
DeleteCriticalSection
GetStdHandle
SetStdHandle
LoadLibraryA
GetLocalTime
CloseHandle
GetStringTypeA
GetCurrentThread
CompareStringW
SetFilePointer
GetPrivateProfileStructA
AddAtomW
QueryPerformanceCounter
CompareStringA
LocalHandle
OpenMutexA
MultiByteToWideChar
GetCurrentThreadId
GetStartupInfoW
TlsSetValue
IsBadWritePtr
RtlUnwind
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
InterlockedExchange
GetStartupInfoA
GetStringTypeW
GetCurrentProcess
GetModuleHandleA
HeapCreate
FlushFileBuffers
GetSystemTime
VirtualAlloc
FreeEnvironmentStringsW
GetLastError

advapi32

CryptGetDefaultProviderW
LookupSecurityDescriptorPartsW

user32

ShowWindow
MessageBoxA
MonitorFromRect
CreateIconIndirect
IntersectRect
RegisterClassExA
OemToCharW
CreateDialogParamW
DdeAccessData
SendMessageTimeoutW
GetCursor
GetKeyboardType
SetCaretPos
CreateWindowExW
GetClassNameA
SendDlgItemMessageA
RegisterClassA
CreateMenu
FrameRect
EmptyClipboard
DragDetect

comdlg32

ChooseColorA
ReplaceTextW
GetSaveFileNameW
GetFileTitleW

Sections

.text
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a2c2bcc6992bcb8379f110bc07c3d0d

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 286KB - Virtual size: 285KB

.rdata Size: 64KB - Virtual size: 75KB

.data Size: 113KB - Virtual size: 112KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 286KB - Virtual size: 285KB

.rdata
Size: 64KB - Virtual size: 75KB

.data
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 8KB - Virtual size: 7KB