fcbbd6c2a03f026e3c1fe6f210c0cca1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcbbd6c2a03f026e3c1fe6f210c0cca1_JaffaCakes118
Size

872KB
MD5

fcbbd6c2a03f026e3c1fe6f210c0cca1
SHA1

f007daf138336c145f2703ca9a1931b3ae071f3b
SHA256

a9e622fc044b26a37b00096b7d0b1cf640e53372dbf60ba2cf6cb53bc8fc3c66
SHA512

f65247c14107106a2590e3c187d5ab9db7ca72428b8ef59612845313fd1c58c092e184754576892bb10d5b1ad2e87cbda87fcaef7356cc5a4b402b7467f8a90e
SSDEEP

24576:2FWWsF1Z4p3AEeVfKFG6Q3zw5PYSxG/Fv6sij:bWQWAjK1pPYSxWij

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcbbd6c2a03f026e3c1fe6f210c0cca1_JaffaCakes118

Files

fcbbd6c2a03f026e3c1fe6f210c0cca1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ecc1083dbb320bf48dad2db540962ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

sendto
accept
WSAAsyncGetServByPort
WSASendDisconnect

version

GetFileVersionInfoSizeA
VerInstallFileA
VerFindFileA

kernel32

EnumResourceNamesW
GetCommConfig
GetShortPathNameA
SwitchToFiber
SetupComm
TlsGetValue
OutputDebugStringA
SetCurrentDirectoryA
ReadDirectoryChangesW
ExitProcess
GetDateFormatA
LoadLibraryExA
LoadLibraryExW
GetCurrentProcessId
GetLongPathNameA
FreeEnvironmentStringsA
Beep
OpenMutexA
GetCompressedFileSizeW
SetEnvironmentVariableA
WriteProcessMemory
FormatMessageW
GetTickCount
GetNumberFormatW
EndUpdateResourceA
GetLogicalDriveStringsA
GlobalFindAtomW
GetCommModemStatus
WritePrivateProfileStructA
IsBadReadPtr
FindFirstFileW
CancelIo
GetStartupInfoA
OpenFile
GetOEMCP
LCMapStringA
FlushConsoleInputBuffer
GlobalAddAtomW
GetSystemInfo
SetConsoleActiveScreenBuffer
GetComputerNameW
GetTapeStatus
GetShortPathNameW
QueryDosDeviceA
_hread
SearchPathW
PeekConsoleInputW
GetProfileStringA
SetCommMask
CopyFileExW
GetSystemDirectoryW
SetThreadAffinityMask
lstrcpyA
VirtualLock
EnumResourceLanguagesW
CreateIoCompletionPort
ExpandEnvironmentStringsW

user32

SetWindowPlacement
MessageBoxIndirectW
SetWindowsHookExA
GetMenuStringW
InsertMenuItemA
TrackMouseEvent
LoadMenuIndirectA
GetProcessWindowStation
IsIconic
WinHelpA
SetLastErrorEx
IsDlgButtonChecked
GetUserObjectInformationW
RegisterHotKey
UnhookWinEvent
GetNextDlgTabItem
CreateDialogIndirectParamW
EnumClipboardFormats
CheckDlgButton

shell32

SHGetSpecialFolderPathA
SHLoadInProc
SHFileOperationW
SHBrowseForFolderA

oleaut32

QueryPathOfRegTypeLi
SysAllocStringLen
SafeArrayGetElement
SafeArrayRedim
VariantChangeType
LoadTypeLibEx

msvcrt

setlocale
isalnum
_get_osfhandle
_mbsnicmp
_lseek
_splitpath
towupper
_sopen
_exit
_snprintf
_wctime
strspn
wcstol
_mbscpy
_wfsopen
_errno
strcoll

Sections

.text
Size: 24KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ecc1083dbb320bf48dad2db540962ed

Headers

File Characteristics

Imports

ws2_32

version

kernel32

user32

shell32

oleaut32

msvcrt

Sections

.text Size: 24KB - Virtual size: 240KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 603KB - Virtual size: 602KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 24KB - Virtual size: 240KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 603KB - Virtual size: 602KB

.rsrc
Size: 17KB - Virtual size: 16KB