fcb41e736e5f88b9f0d50c4fba65d2f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcb41e736e5f88b9f0d50c4fba65d2f6_JaffaCakes118
Size

227KB
MD5

fcb41e736e5f88b9f0d50c4fba65d2f6
SHA1

e4681183d30df30bfcddb2cd6c0dfe07518e0f5e
SHA256

c32d29ca4149f649e9530c7fce1089fe4ff917e17d34468c58240eed20f3d4b1
SHA512

20c92cefb26f2693af3876ebfa1571ba0b7d53f2943028179cc553093c157c081f41553cfd92ff2f8196d5056a38855f1ef79b5f913ef33c9e79ff53f19c1a40
SSDEEP

6144:AJZpRHaNaQscLY9Q7avZ74AYvmIJojS7TJJhssMRrBf:AJZpRH1Qm0av14nuImSJJGR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcb41e736e5f88b9f0d50c4fba65d2f6_JaffaCakes118

Files

fcb41e736e5f88b9f0d50c4fba65d2f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71f849668ecdd6178cacb1d0afd01a0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetEnvironmentStringsA
EndUpdateResourceW
GetThreadPriority
BeginUpdateResourceA
GetVersion
ExitProcess
GetUserDefaultLangID
IsValidCodePage
SetCalendarInfoA
CreateMutexW
lstrcatA
GetFileType
GetTempPathW
GetEnvironmentVariableA
GetExpandedNameW
GetLocalTime
LoadLibraryA
RaiseException
DosDateTimeToFileTime
GetVolumeInformationW
GetFullPathNameW
lstrcmp
CopyFileExW
ConnectNamedPipe
GetDiskFreeSpaceW
EnumDateFormatsA
GetCurrentDirectoryW
GetProcAddress
lstrcpy
MoveFileA
MulDiv
EnumTimeFormatsW
IsBadStringPtrA
GlobalAlloc
SetLastError
GetAtomNameA

user32

MessageBoxW
SetCursorPos
EnumChildWindows
OpenClipboard
GetTopWindow
GetWindowRgn
EnableWindow
SendDlgItemMessageA
LoadCursorW
SetWindowLongW
EmptyClipboard
GetMenuItemCount
InsertMenuW
CreatePopupMenu
GetDC
SetCapture
LoadIconA
GetClassInfoExW
ShowCursor
WaitMessage
CheckRadioButton
IsWindowEnabled

gdi32

GetGlyphIndicesA
RemoveFontMemResourceEx
StretchDIBits
UpdateICMRegKeyA
GetCharABCWidthsW
GetCharacterPlacementW
GetTextFaceA
CreateRoundRectRgn
CreateICW
GetICMProfileW
TranslateCharsetInfo
CreateEllipticRgn
PtVisible
CreateEnhMetaFileA
EnumFontFamiliesA
SetMetaFileBitsEx

advapi32

RegOpenKeyExA
AllocateLocallyUniqueId
RegQueryInfoKeyW
RegSaveKeyA
RegCreateKeyExW
ConvertSidToStringSidA

shell32

ShellExecuteExA
StrStrW
StrStrIW
StrStrA
Shell_NotifyIcon

shlwapi

StrDupA
PathGetDriveNumberA
PathRemoveFileSpecW
PathRemoveFileSpecA
SHRegDeleteUSValueW
SHSetValueW
StrRChrIW
PathMatchSpecA
PathIsURLW
PathIsLFNFileSpecW
StrFormatByteSizeA
SHDeleteValueA
GetMenuPosFromID
PathMatchSpecW
SHQueryInfoKeyW
StrCpyW

oleaut32

VarFormatPercent

wsock32

inet_network
WSAAsyncGetHostByAddr
ntohl
socket
recvfrom
setsockopt
WSAIsBlocking
NPLoadNameSpaces
WSAAsyncGetServByName
GetNameByTypeA
ioctlsocket
EnumProtocolsW

Sections

.HqaK
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.suO
Size: 1024B - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdy
Size: 5KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdBDe
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SlA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ov
Size: 3KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fUFboP
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NLBb
Size: 4KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fE
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71f849668ecdd6178cacb1d0afd01a0e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

oleaut32

wsock32

Sections

.HqaK Size: 3KB - Virtual size: 2KB

.suO Size: 1024B - Virtual size: 85KB

.gdy Size: 5KB - Virtual size: 300KB

.zdBDe Size: 87KB - Virtual size: 86KB

.SlA Size: 12KB - Virtual size: 12KB

.ov Size: 3KB - Virtual size: 94KB

.fUFboP Size: 3KB - Virtual size: 32KB

.NLBb Size: 4KB - Virtual size: 395KB

.fE Size: 85KB - Virtual size: 85KB

.data Size: 14KB - Virtual size: 116KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.HqaK
Size: 3KB - Virtual size: 2KB

.suO
Size: 1024B - Virtual size: 85KB

.gdy
Size: 5KB - Virtual size: 300KB

.zdBDe
Size: 87KB - Virtual size: 86KB

.SlA
Size: 12KB - Virtual size: 12KB

.ov
Size: 3KB - Virtual size: 94KB

.fUFboP
Size: 3KB - Virtual size: 32KB

.NLBb
Size: 4KB - Virtual size: 395KB

.fE
Size: 85KB - Virtual size: 85KB

.data
Size: 14KB - Virtual size: 116KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B