fc2fabcc88824e83ddc06f1ee3bf963e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc2fabcc88824e83ddc06f1ee3bf963e_JaffaCakes118
Size

167KB
MD5

fc2fabcc88824e83ddc06f1ee3bf963e
SHA1

e372ebc94bcd97fbd0d8a6fcc9fd0a5127a4a054
SHA256

92ec8aac760f7ea84006744f6f58f50e59b2101f81b7aba96f1c75596da6c59a
SHA512

deeda3f8aecfab538a318d574ba02fdb52d043d3f380754ae972322e966ebe4eb2180c77a57436ff3da38914721b5fe33b5ece04bf1646e16ac2263de226190f
SSDEEP

3072:G6QWhcBRK89S7qvJuvqyAdDEoQhxlaC3d6JGhq7XSmAGazv2E5spJ4:GVOSKl7qkqy0Egsd6JE+x0bhN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc2fabcc88824e83ddc06f1ee3bf963e_JaffaCakes118

Files

fc2fabcc88824e83ddc06f1ee3bf963e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5198f5a369fb9d32b3fdd53d8e1cd505

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromCLSID
CoRegisterClassObject
CoImpersonateClient
CoInitializeSecurity
CoUninitialize
CoInitializeEx
StringFromIID
CoTaskMemFree
CoCreateInstance
CoGetClassObject
CoRevertToSelf
CoTaskMemRealloc
CoDisconnectObject
CoSetProxyBlanket
CoGetCallContext
CoQueryProxyBlanket
CoCreateGuid
StringFromGUID2
CLSIDFromString
CoTaskMemAlloc
CoRevokeClassObject

advapi32

DeregisterEventSource
DeleteService
CreateServiceA
RegCreateKeyExA
GetTokenInformation
RegEnumValueA
AdjustTokenPrivileges
RegDeleteValueA
RegSetValueExA
OpenProcessToken
RegisterServiceCtrlHandlerA
ChangeServiceConfigA
OpenThreadToken
OpenServiceA
ControlService
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA
ReportEventA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
SetThreadToken
RegQueryValueExW
RegQueryInfoKeyA
OpenSCManagerA
RegisterEventSourceA
RegCloseKey
RegEnumKeyA
LookupPrivilegeValueA
RegQueryValueExA
RegCreateKeyA

rpcrt4

RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
NdrClientCall
RpcStringFreeA

oleacc

LresultFromObject
AccessibleObjectFromWindow

kernel32

LocalFree
CreateFileMappingA
TlsFree
UnmapViewOfFile
SetLastError
FreeEnvironmentStringsW
GetStringTypeA
GetLastError
CreateProcessA
ReadFile
ReleaseMutex
HeapFree
FormatMessageA
GetPrivateProfileSectionNamesA
GetProcessTimes
GetProfileStringA
WideCharToMultiByte
FindResourceExA
LocalAlloc
UnhandledExceptionFilter
FindClose
SetEvent
GetComputerNameA
GetExitCodeProcess
IsDBCSLeadByte
InterlockedDecrement
GetProcAddress
FreeEnvironmentStringsA
LoadLibraryExA
GetEnvironmentStrings
FlushFileBuffers
GetTickCount
lstrcmpiA
GetStdHandle
WritePrivateProfileStringA
GetOEMCP
WriteProfileStringA
SetEndOfFile
lstrcpynA
TerminateThread
GetCurrentThread
LCMapStringA
DuplicateHandle
OpenProcess
SetHandleCount
CreateFileA
LocalSize
CreateMutexA
FindResourceA
InterlockedCompareExchange
GetPrivateProfileStringA
CompareStringA
GetCPInfo
MultiByteToWideChar
GetCurrentProcess
VirtualQuery
TlsSetValue
HeapReAlloc
GetModuleFileNameW
GetSystemDirectoryA
GetVersion
CreateEventA
GetCurrentThreadId
GetCommandLineA
GetLocaleInfoA
GetEnvironmentStringsW
SetEnvironmentVariableA
TlsGetValue
MapViewOfFile
RtlUnwind
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleW
HeapAlloc
EnterCriticalSection
GetSystemTimeAsFileTime
EnumSystemLanguageGroupsW
GetVersionExA
GetACP
CompareStringW
ResetWriteWatch
CreateDirectoryA
RaiseException
LCMapStringW
TlsAlloc
HeapCreate
TerminateProcess
GetStartupInfoA
GetModuleHandleA
GetSystemInfo
VirtualFree
VirtualProtect
GetThreadLocale
HeapDestroy
lstrcatA
HeapSize
SetStdHandle
GetModuleFileNameA
lstrlenA
InterlockedIncrement
SetUnhandledExceptionFilter
GetPrivateProfileIntA
CreateProcessW
GetCurrentProcessId
LoadResource
ReadProcessMemory
GetFileAttributesA
ExitProcess
WriteFile
GetStringTypeW
Sleep
LoadLibraryA
QueryPerformanceCounter
SetErrorMode
SizeofResource
SetFilePointer
LoadLibraryW
lstrcpyA
CloseHandle
VirtualAlloc
IsBadWritePtr
IsBadCodePtr
FreeLibrary
InterlockedExchange
GetPrivateProfileSectionA
FindFirstFileA
LockResource
GetProcessHeap
CreateThread
GetFileType
WaitForSingleObject
lstrlenW
IsBadReadPtr
InitializeCriticalSection
HeapFree

shlwapi

PathFindExtensionA

user32

DispatchMessageA
PeekMessageA
EnumWindows
MessageBoxA
IsWindowVisible
GetWindowThreadProcessId
KillTimer
SetTimer
PostThreadMessageA
CharUpperA
GetWindowTextA
CharNextA
wsprintfW
GetMessageA
LoadStringA
wsprintfA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5198f5a369fb9d32b3fdd53d8e1cd505

Headers

File Characteristics

Imports

ole32

advapi32

rpcrt4

oleacc

kernel32

shlwapi

user32

version

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 6KB - Virtual size: 405KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 6KB - Virtual size: 405KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 512B - Virtual size: 4KB