fc46cc939d51699a8da86af153125ffd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc46cc939d51699a8da86af153125ffd_JaffaCakes118
Size

149KB
MD5

fc46cc939d51699a8da86af153125ffd
SHA1

adfeb6c599c631f9178a5d113443c3558cbfd9c5
SHA256

7c337352add0721331d5d1faf862f2a665c9902557504e8f6a4a1ca1eb01b574
SHA512

bf467a212b9f5bf9d0b636ff959f971a764d71e6368338ff4315d97deb5714eb91891cc91d29788bd50298edbd2b17fbd8977e50946b0dc6488ac80b5a0b2d6e
SSDEEP

3072:RKbRKTj1rao4gdO5a0fLuWLNfRj/5ZvzkFl71MxM/szK:9Tj1OgcvfCONxQl71MUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc46cc939d51699a8da86af153125ffd_JaffaCakes118

Files

fc46cc939d51699a8da86af153125ffd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

653649a3574737623d50048b30f74079

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

remove
localeconv
_controlfp
signal
wcstombs
_ultoa
_filbuf
abort
_acmdln
_XcptFilter
__p__commode
__getmainargs
log10
__p__fmode
wcstoul
_except_handler3
__set_app_type
__setusermatherr
strchr
_filelengthi64
_wcsicmp
_adjust_fdiv
_initterm
exit

kernel32

GetTempPathA
GetStartupInfoA
SetHandleCount
SetFileAttributesW
LocalAlloc
GetModuleFileNameW
GetTempFileNameA
lstrcatA
GetFileAttributesA
VirtualProtect
LocalFileTimeToFileTime
GetModuleHandleA
lstrcpyA
GetCurrentDirectoryA
InterlockedExchange
CreateFileMappingA
GetSystemTime
CompareStringA

advapi32

RegEnumKeyA
RegCreateKeyExW
RegEnumValueA
RegDeleteKeyW
RevertToSelf
QueryServiceStatus
IsValidSid

comctl32

ImageList_SetOverlayImage
InitCommonControls
ImageList_BeginDrag
PropertySheetW

ole32

CoUninitialize
CoGetClassObject
CoTaskMemRealloc
OleRun
StringFromGUID2
ReleaseStgMedium
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
PropVariantClear
IsAccelerator
CoTaskMemFree

version

VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

SHGetSpecialFolderPathW
SHGetDesktopFolder
SHCreateDirectoryExW
ExtractIconW
ShellExecuteW
SHGetPathFromIDList

oleaut32

SafeArrayGetElement
SysAllocStringLen
SafeArrayRedim
LoadTypeLib
SysReAllocStringLen
CreateErrorInfo
VariantCopyInd
SetErrorInfo
SafeArrayUnaccessData
VariantClear

gdi32

PolyDraw
OffsetViewportOrgEx
CreateDIBSection
GetDIBits
EndDoc
SelectObject
RestoreDC
SelectPalette
GetTextFaceW
Rectangle
GetCurrentObject
CreateBrushIndirect
ExtSelectClipRgn
Ellipse
GetTextExtentPoint32W
GetOutlineTextMetricsA
CopyMetaFileW

user32

GetWindowPlacement
SetScrollPos
DialogBoxParamA
FrameRect
GetDesktopWindow
GetSystemMenu
CreatePopupMenu
AdjustWindowRectEx
ReleaseDC

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

653649a3574737623d50048b30f74079

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

comctl32

ole32

version

shell32

oleaut32

gdi32

user32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 18KB - Virtual size: 42KB

.rsrc Size: 113KB - Virtual size: 116KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 18KB - Virtual size: 42KB

.rsrc
Size: 113KB - Virtual size: 116KB