fc6e60d6f8d2d1204cb172eb6f8044b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc6e60d6f8d2d1204cb172eb6f8044b1_JaffaCakes118
Size

212KB
MD5

fc6e60d6f8d2d1204cb172eb6f8044b1
SHA1

ed406317deac190b400f56f38a26c5d0873e25f1
SHA256

cdb8bda1ae1f0822cf96ca2f6d953858e480c2bb6a22da5c71e8b3aa0584632a
SHA512

49fd1ab8d592453cc48cec59c45593fa868ae5ca6b1f76c0a72ffbbad720a856727e2ab16dc0b2c44bba55c76137d63f3ca24119c7262075b02767876702c8f8
SSDEEP

3072:PO7UW5sMrwH2/e84olXizwVKi+Z3H0EXw0W18WAFmmZ:PO7UW5sM0HBjolyLJUmM8WAvZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc6e60d6f8d2d1204cb172eb6f8044b1_JaffaCakes118

Files

fc6e60d6f8d2d1204cb172eb6f8044b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1557347f28dc2735f6dfaa60c1dbb46d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
CryptAcquireContextA
CryptDestroyHash
CryptHashData
CryptReleaseContext
OpenThreadToken
RegDeleteKeyA
RegEnumKeyExW
RegOpenKeyW

ole32

CLSIDFromProgID
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoGetInterfaceAndReleaseStream
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoRegisterMessageFilter
CoReleaseMarshalData
CoTaskMemRealloc
CoUninitialize
IIDFromString
OleDraw
OleGetClipboard
OleUninitialize
ProgIDFromCLSID
PropVariantClear
ReleaseStgMedium
RevokeDragDrop

kernel32

CreateFileMappingA
GetCurrentProcess
GetFileSize
GetStdHandle
GetUserDefaultLCID
InitializeCriticalSection
LCMapStringW
LockResource
OutputDebugStringA
SetEnvironmentVariableA
TlsFree
TlsSetValue
VirtualFree
WideCharToMultiByte

user32

DialogBoxParamA
DrawFrameControl
DrawIcon
FillRect
GetSysColorBrush
InsertMenuItemA
IsDialogMessageA
MessageBoxA
RegisterWindowMessageA
RemoveMenu
SendDlgItemMessageA
SetCapture
SetScrollRange
ShowOwnedPopups
WindowFromPoint
wsprintfA

gdi32

CreateBrushIndirect
CreateEnhMetaFileA
DeleteMetaFile
DeleteObject
EnumFontsA
EnumMetaFile
GetDeviceCaps
GetMetaFileBitsEx
GetNearestColor
GetPixel
GetRgnBox
GetWindowExtEx
PolyBezierTo
SelectClipPath
SetDIBitsToDevice
SetMapMode
SetMetaFileBitsEx
SetTextAlign
SetViewportOrgEx
SetWindowExtEx
StrokeAndFillPath
StrokePath

comctl32

CreatePropertySheetPageW
ImageList_Add
ImageList_Replace
InitCommonControls

shell32

DoEnvironmentSubstW
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoW
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
Shell_NotifyIconA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

hZkK64Do
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1557347f28dc2735f6dfaa60c1dbb46d

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

user32

gdi32

comctl32

shell32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

hZkK64Do Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

hZkK64Do
Size: 2KB - Virtual size: 120KB