fc194e48b5880cedfce0c138052e2d3f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc194e48b5880cedfce0c138052e2d3f_JaffaCakes118
Size

182KB
MD5

fc194e48b5880cedfce0c138052e2d3f
SHA1

3240eaacb39a1766a9a776d1f7635148538740e6
SHA256

6a8ecd7c8639307f167479ad7e56807258d3fdb014b562561dc28327134dcac7
SHA512

6b34713ee07b4ee5171279dae469d299966ed57e96532ee918c966f2ca3e614573b1c7ed389fdb978fdc7a3e08a202d58083ca779b9586eb7417fb567bba56f5
SSDEEP

3072:KaQUiNmra1jPpduk0kfkMNFCzRqnVeiRkuRXYYX4snBQyzPT6C59Wt1voC:fQUiqaBnukl8MfCzRq1RXoYoya69s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc194e48b5880cedfce0c138052e2d3f_JaffaCakes118

Files

fc194e48b5880cedfce0c138052e2d3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d54096f59677846f7ffe014fafd8c90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeExA
GetModuleHandleA
GetLocaleInfoA
LoadLibraryA
GetProcAddress
ReadFile
SetEndOfFile
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
CreateFileA
CloseHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
GetLastError
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
FlushFileBuffers
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion

user32

CreateDesktopW
GetScrollPos
WinHelpW
PostQuitMessage
EnumDesktopWindows
GetKBCodePage
SetClassLongA
SetActiveWindow
EnumPropsExA
IsWindowVisible
DialogBoxParamA
FindWindowExA
OpenWindowStationA
SetDeskWallpaper
MapVirtualKeyW
SetForegroundWindow
ScrollWindow
MessageBoxIndirectA
WaitMessage
SetShellWindow
GetMenuItemRect
OemToCharW
UnhookWinEvent

oleaut32

SafeArrayGetLBound
VarAdd
SafeArrayPutElement
VarFormatDateTime
SetErrorInfo
VarIdiv
VarDecAdd
VarDateFromCy
OleLoadPictureFile
VarAbs
VarTokenizeFormatString
LPSAFEARRAY_Marshal
GetActiveObject

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d54096f59677846f7ffe014fafd8c90

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

Sections

.text Size: 174KB - Virtual size: 173KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 244KB

.rsrc Size: 512B - Virtual size: 464B

.text
Size: 174KB - Virtual size: 173KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 244KB

.rsrc
Size: 512B - Virtual size: 464B