fc67bd4faed19f2b1d7d931007dbae76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc67bd4faed19f2b1d7d931007dbae76_JaffaCakes118
Size

59KB
MD5

fc67bd4faed19f2b1d7d931007dbae76
SHA1

c97fef6da1cddb863ea6ebedf9347f4b4f0e098d
SHA256

c208011630f4081e5f6b518a3dfc123eee2c8cbb52e397c822c5cc0af9d4d132
SHA512

92dbd1f58d1092535530dda76e12068f19faaad0f3edc2ba2de1185093bf97182aa65513f4abec38ca576e13e2ac976216cc86562d7fa86958eaf8705f40ff92
SSDEEP

1536:ys493dCGvYgUoVJjoFyol2hby/X+MJDt:y/30GvnUkJjmyoQ5i+eDt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc67bd4faed19f2b1d7d931007dbae76_JaffaCakes118

Files

fc67bd4faed19f2b1d7d931007dbae76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d639525946143d9daaf0650f4bae39ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
GetDiskFreeSpaceA
SetCommMask
SizeofResource
GetProcessVersion
EnumSystemLocalesA
GetProfileStringA
DisconnectNamedPipe
LocalShrink
ResumeThread
GlobalUnWire
LocalAlloc
FlushInstructionCache
GetConsoleCursorInfo
FileTimeToLocalFileTime
AreFileApisANSI
GetNumberFormatA
GetBinaryTypeA
HeapUnlock
TransactNamedPipe
GetDefaultCommConfigA
PurgeComm
ClearCommBreak
ReadFileEx
IsBadReadPtr
FreeConsole
FindAtomA
IsValidCodePage
FlushConsoleInputBuffer
CreateNamedPipeA
WriteProcessMemory
InitializeCriticalSection
ReadConsoleOutputA
SetCommTimeouts
CopyFileA
GetCommConfig
CreateDirectoryExA
GetLocalTime
SystemTimeToTzSpecificLocalTime
GlobalAddAtomA
CreateThread
IsDBCSLeadByteEx
LockFileEx
SetFilePointer
ResetEvent
EraseTape
SleepEx
GetFileTime
OpenProcess
LocalUnlock
lstrcpyn
lstrcmp
GetNumberOfConsoleMouseButtons
GetVersionExA
GetCurrentDirectoryA
_llseek
GlobalUnlock
GetLogicalDriveStringsA
GetConsoleTitleA
OpenEventA
UnlockFileEx
WriteFile

shlwapi

StrIsIntlEqualA
PathIsUNCA
StrSpnA
StrRChrIA
PathStripToRootA
StrCSpnA
PathGetDriveNumberA
PathSearchAndQualifyA
PathRemoveBlanksA
PathAppendA
StrChrIA
PathFindOnPathA
PathIsRelativeA
StrToIntExA
PathFileExistsA
AssocQueryStringA
SHRegWriteUSValueA
UrlIsOpaqueA
SHRegCreateUSKeyA
PathCommonPrefixA
PathMakePrettyA
SHRegOpenUSKeyA
SHIsLowMemoryMachine
SHRegEnumUSKeyA
HashData
UrlCombineA
SHCreateStreamWrapper
StrFormatByteSize64A

advapi32

GetSecurityDescriptorControl

Sections

.luxm
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jwl
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erqd
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fsr
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d639525946143d9daaf0650f4bae39ce

Headers

File Characteristics

Imports

kernel32

shlwapi

advapi32

Sections

.luxm Size: 22KB - Virtual size: 45KB

.jwl Size: 5KB - Virtual size: 10KB

.erqd Size: 1024B - Virtual size: 1KB

.fsr Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.luxm
Size: 22KB - Virtual size: 45KB

.jwl
Size: 5KB - Virtual size: 10KB

.erqd
Size: 1024B - Virtual size: 1KB

.fsr
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB