fcd2d5a042bd323fcf01f49de2152190_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcd2d5a042bd323fcf01f49de2152190_JaffaCakes118
Size

755KB
MD5

fcd2d5a042bd323fcf01f49de2152190
SHA1

56cf5f67ddb517df71df8b3f15167cb2bfbcf8fe
SHA256

af046c4eb62bf69f6b6f883f1bf156f39a64000aa733cd43eb0b5d7a6408b12f
SHA512

2112bd01541167f3387ac35e42456ef0a2cdb42b2bf0aa14d4f9a79f7891485a602e7903cf0c9d82f8a2b0c413e62814018b130c392f5b17f7714bbcb91badd0
SSDEEP

6144:k6pr71r1o8otaq4XiO8diyFoM9W1o8xekNurKvmmM/tpUKP6pT73:7pP1r1o8oa6F19KoIpN3mmM/ZqT73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcd2d5a042bd323fcf01f49de2152190_JaffaCakes118

Files

fcd2d5a042bd323fcf01f49de2152190_JaffaCakes118
.exe windows:6 windows x86 arch:x86

4b05aff8bc1172748328817fa7ba0a77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
VirtualFreeEx
Sleep
ReadProcessMemory
VirtualAlloc
VirtualAllocEx
GetSystemInfo
CloseHandle
WriteProcessMemory
SuspendThread
ResumeThread
CreateThread
ExitProcess
CreateFileA
lstrcmpA
FreeLibrary
WaitNamedPipeA
GetCurrentProcess
GlobalLock
GetCurrentThread
WriteFile
OpenProcess
GlobalAlloc
GetPrivateProfileIntA
TerminateThread
GetFileAttributesA
Beep
CreateProcessA
TerminateProcess
ReadFile
GlobalUnlock
GetLastError
SetLastError
GetProcAddress
GetPrivateProfileStringA
GetLocalTime
LoadLibraryA
OpenThread
WritePrivateProfileStringA
GetModuleFileNameA
GetModuleHandleA
CreateRemoteThread
DeviceIoControl
GetVersionExA
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
ReadConsoleW
OutputDebugStringW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryExW
SetConsoleCtrlHandler
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetModuleFileNameW
GetProcessHeap
GetFileType
GetStdHandle
IsDebuggerPresent
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
SetEnvironmentVariableA
GetDateFormatW
CreateSemaphoreW
GetModuleHandleW
GetStartupInfoW
GetTickCount
VirtualFree
WaitForSingleObject
VirtualQuery
SetThreadContext
CreateMutexA
GetThreadContext
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetModuleHandleExW
AreFileApisANSI
GetCommandLineA
RaiseException
FatalAppExitA

user32

GetDC
MoveWindow
GetWindowThreadProcessId
mouse_event
FindWindowA
SetClipboardData
SetWindowTextA
MessageBoxW
OpenClipboard
DispatchMessageA
keybd_event
GetMessageA
CloseClipboard
ScreenToClient
GetWindowRect
SetActiveWindow
CreateDialogParamA
PostQuitMessage
SetForegroundWindow
LoadIconA
wsprintfA
SetFocus
SendMessageA
GetClassNameA
IsDialogMessageA
TranslateMessage
GetForegroundWindow
SetWindowLongA
MessageBoxA
SetCursorPos
BringWindowToTop
GetWindowLongA
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
ShowWindow
IsWindow

gdi32

GetPixel

advapi32

LookupPrivilegeValueA
OpenThreadToken
OpenProcessToken
AdjustTokenPrivileges

wininet

InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetOpenA
InternetCloseHandle

ntdll

NtQueryInformationProcess
RtlUnwind
NtQuerySystemInformation

Sections

.text
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.shell
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b05aff8bc1172748328817fa7ba0a77

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

ntdll

Sections

.text Size: 321KB - Virtual size: 320KB

.shell Size: 2KB - Virtual size: 2KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 9KB - Virtual size: 121KB

.rsrc Size: 348KB - Virtual size: 347KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 321KB - Virtual size: 320KB

.shell
Size: 2KB - Virtual size: 2KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 9KB - Virtual size: 121KB

.rsrc
Size: 348KB - Virtual size: 347KB

.reloc
Size: 16KB - Virtual size: 16KB