fc7c5651d2418340f7e2359c2f320e0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc7c5651d2418340f7e2359c2f320e0f_JaffaCakes118
Size

422KB
MD5

fc7c5651d2418340f7e2359c2f320e0f
SHA1

5feb1043ff549208dd1e8a25222933a391d4535f
SHA256

31dedb428c6c80205b87ddd45bce287088dcc4ff8db1808ecce1aad40de9da95
SHA512

a23f7ae284191d0dc375643ac88a630bde462be78fda9cf26671ecceffe5132dd0599fe0e1c60edea87791446e22a7ef412bab7c5644724f4088fd59bd01bc89
SSDEEP

12288:liCiFW6lb9QlklhAihllU5SQ+8mUojpYsbvJ7:sd16eOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc7c5651d2418340f7e2359c2f320e0f_JaffaCakes118

Files

fc7c5651d2418340f7e2359c2f320e0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b54c1f249d0a34a5efdeab884014ee40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetStringTypeW
OpenWaitableTimerW
GetComputerNameW
GetModuleHandleW
FlushViewOfFile
HeapAlloc
LoadLibraryA
TlsAlloc
LeaveCriticalSection
TlsSetValue
lstrcmpiA
WritePrivateProfileSectionA
FreeLibrary
SetUnhandledExceptionFilter
Sleep
EnumSystemLocalesA
GetStartupInfoW
GetStdHandle
GetCurrencyFormatA
SetHandleCount
GetCurrentThread
GetStringTypeA
GetDateFormatA
LCMapStringA
GetUserDefaultLCID
TlsGetValue
GetStartupInfoA
GetProcAddress
EnumResourceTypesW
GetOEMCP
WideCharToMultiByte
GetProfileIntW
GetCommandLineW
LocalUnlock
HeapCreate
VirtualQuery
LCMapStringW
VirtualFree
SetConsoleCtrlHandler
FreeEnvironmentStringsW
HeapSize
TlsFree
GetModuleFileNameW
HeapReAlloc
IsValidLocale
ExitProcess
CreateRemoteThread
GetLocalTime
VirtualAlloc
WriteFile
QueryPerformanceCounter
GetCurrentProcess
InterlockedIncrement
GetModuleHandleA
GetLastError
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
GetCurrentThreadId
SetEnvironmentVariableA
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoA
GetCurrentProcessId
GetModuleFileNameA
IsDebuggerPresent
GetACP
GetPrivateProfileSectionNamesW
GetTickCount
GetTimeZoneInformation
DeleteCriticalSection
GetFileType
SetLastError
MultiByteToWideChar
RtlUnwind
GetEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedExchange
IsValidCodePage
CompareStringW
CompareStringA
GetLocaleInfoW
ReadFile
GetTimeFormatA
HeapDestroy
HeapFree
TerminateProcess

wininet

HttpSendRequestExA
SetUrlCacheConfigInfoW
InternetSecurityProtocolToStringW
InternetReadFileExW
FindFirstUrlCacheEntryExA
FtpDeleteFileA
DeleteUrlCacheEntryW
SetUrlCacheEntryGroup
IsUrlCacheEntryExpiredA
FtpRenameFileW
HttpEndRequestA
FtpOpenFileA

comdlg32

GetOpenFileNameW
PrintDlgW
GetSaveFileNameW
FindTextW
ReplaceTextA
PageSetupDlgA
ChooseColorW
FindTextA
GetFileTitleA
ReplaceTextW
ChooseFontA
ChooseColorA

shell32

SHFileOperation
FindExecutableA
SHInvokePrinterCommandW
FindExecutableW
DragQueryFileW

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b54c1f249d0a34a5efdeab884014ee40

Headers

File Characteristics

Imports

kernel32

wininet

comdlg32

shell32

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 3KB - Virtual size: 2KB