fcbcf0c286ac33f39dac8de4d226c0b5_JaffaCakes118

General

Target

fcbcf0c286ac33f39dac8de4d226c0b5_JaffaCakes118
Size

56KB
MD5

fcbcf0c286ac33f39dac8de4d226c0b5
SHA1

23f21e8fc8c17d29ab7318bceafcf6d192ea733b
SHA256

1b4d458c8ddf0635cb41641cc5757188288094ce62124e1c8bb6506445650546
SHA512

9eac9267dbe164a8d3b0f7c63029ad9df7033b85678e086337703d84ebc98add889c83854abe4b36709cb4af41ebd86ef9093785b7184488b8b338bc6d5b2e7a
SSDEEP

768:g+JWmxziZgExW9hUsSUgAsCnTs+xf8/ynBAtVSvf33iDzpo:gmIZ/xW9VSUgkNnB0Vivy3po

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcbcf0c286ac33f39dac8de4d226c0b5_JaffaCakes118

Files

fcbcf0c286ac33f39dac8de4d226c0b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1721b4d9e11aba6fd74043c2689dace7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetMenuItemInfoA
ReleaseDC
RegisterWindowMessageA
PeekMessageA
IsDlgButtonChecked
InvalidateRect
GetSubMenu
GetClassLongA
DrawTextA
CheckMenuItem

kernel32

OpenProcess
SetLastError
RtlUnwind
OpenEventA
MultiByteToWideChar
IsBadStringPtrA
HeapReAlloc
HeapCreate
HeapAlloc
GetVersionExA
CloseHandle
DeviceIoControl
ExitProcess
FileTimeToSystemTime
GetCommandLineA
GetConsoleMode
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
GetTimeZoneInformation

setupapi

SetupDiGetHwProfileList
SetupDiGetDeviceInstanceIdA
SetupDiClassGuidsFromNameExW

olepro32

OleCreateFontIndirect

oleacc

CreateStdAccessibleProxyW
AccessibleObjectFromPoint
AccessibleChildren
GetStateTextW
GetRoleTextW
ObjectFromLresult
LresultFromObject

advapi32

CloseEncryptedFileRaw
RegSetValueA
SetSecurityDescriptorSacl
StartServiceW
CancelOverlappedAccess

security

QueryContextAttributesA
ExportSecurityContext
QuerySecurityPackageInfoW
QueryCredentialsAttributesW

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1721b4d9e11aba6fd74043c2689dace7

Headers

File Characteristics

Imports

user32

kernel32

setupapi

olepro32

oleacc

advapi32

security

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB