fc4fb9bedb0c3f57d4eb824308ea15ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc4fb9bedb0c3f57d4eb824308ea15ab_JaffaCakes118
Size

329KB
MD5

fc4fb9bedb0c3f57d4eb824308ea15ab
SHA1

196fedf582cf051ebe24be6db6e5afc1434afefb
SHA256

0b1c74ff08db0b26d79270f60bf15d0c4fced388354a163092f874e57b209900
SHA512

863504368c4ca842d8cdb6259271c40498c1f93d727ddee9cc3973a29b33f3a5632ef840e24e2cd2d024bb672301042229d5bf32ef04fd4f6cfcbe6612e1097e
SSDEEP

6144:nBho2MB33dqKx5tpqZsdkEvVbw2Bh5QxK8Qnt/zuIxaoZPPza:nc2MB33dB5tpJbPBhcK1nZuIxaMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc4fb9bedb0c3f57d4eb824308ea15ab_JaffaCakes118

Files

fc4fb9bedb0c3f57d4eb824308ea15ab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6851c60c2294989ece79ce24bb3e06ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetOEMCP
HeapSize
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
CreateFileW
SetEndOfFile
IsValidCodePage
CloseHandle
GetLastError
HeapCreate
GetTickCount
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
SetLastError
TlsFree
GetACP
HeapAlloc
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
GetProcessHeap

user32

GetWindowLongA
GetWindow
GetWindowRect
GetParent
GetWindowInfo
WindowFromPoint
GetClientRect
LoadCursorA
GetWindowTextA
SetDlgItemInt
GetDlgItem
SendDlgItemMessageW
GetSysColor
GetCursorPos
IsWindow
SetDlgItemTextW
EnableWindow

gdi32

GdiFlush

version

VerQueryValueA
GetFileVersionInfoSizeA

shlwapi

StrTrimA

comctl32

ord17

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..idata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6851c60c2294989ece79ce24bb3e06ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

version

shlwapi

comctl32

Sections

.text Size: 243KB - Virtual size: 242KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 18KB

..idata Size: 28KB - Virtual size: 27KB

.bss Size: 15KB - Virtual size: 14KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 243KB - Virtual size: 242KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 18KB

..idata
Size: 28KB - Virtual size: 27KB

.bss
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 14KB - Virtual size: 14KB