fcd7051ed092bfb563821ac732cbe8f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcd7051ed092bfb563821ac732cbe8f6_JaffaCakes118
Size

481KB
MD5

fcd7051ed092bfb563821ac732cbe8f6
SHA1

d557f949569cf7c65ce8d331da279af7c9cd34d8
SHA256

112eacba8980d5e89a8d406bb67f9b07773e8e93b881e940f366582a30bfd299
SHA512

684d94407e6ca6756844ff410da4f49dd785a78a8bcec8cc33fb348ed0a576bd2955119c92124ef38280ff583e0fbf84f656afccf495a322e52547a597da3c3a
SSDEEP

6144:yc51/QjZSdImx5Gcbegclyl14WQjcL1+Uoctb7SVzGLSZPcuLiZz9Y28yVi2hdRa:BtdbGcbegcfW8cRRZl7SlGQ8k2QkzBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcd7051ed092bfb563821ac732cbe8f6_JaffaCakes118

Files

fcd7051ed092bfb563821ac732cbe8f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3cb021cc37ac503a25423dc7595c286

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eurj\oyk\eqxhp\the\rqeie\gaje

Imports

user32

RegisterClassA
DrawTextA
CallNextHookEx
SetMenuItemInfoA
DialogBoxParamA
GetSubMenu
GetWindowTextLengthA
EnumDisplaySettingsW
WinHelpA
RegisterClassExA

wininet

FtpPutFileA
HttpSendRequestA
InternetCheckConnectionW

kernel32

lstrcpyn
GetStdHandle
VirtualQuery
InterlockedIncrement
MultiByteToWideChar
GetCurrentThreadId
lstrlenA
SetHandleCount
InterlockedExchange
SetConsoleCtrlHandler
GetACP
LocalHandle
GetUserDefaultLCID
WriteFile
FindAtomW
FreeEnvironmentStringsW
GetConsoleMode
TlsSetValue
SetEnvironmentVariableA
GetDateFormatA
GetOEMCP
SetUnhandledExceptionFilter
GetCurrentProcess
IsDebuggerPresent
GetLocaleInfoA
OpenMutexA
HeapAlloc
SetFilePointer
RtlUnwind
GetStartupInfoA
GetVersionExA
Sleep
GetTimeFormatA
LCMapStringW
FlushFileBuffers
SetLastError
LeaveCriticalSection
GetModuleFileNameA
GetProcAddress
QueryPerformanceCounter
DeleteCriticalSection
HeapSize
GetTickCount
GetFileType
VirtualAlloc
CreateFileA
GetStringTypeA
HeapReAlloc
CreateMailslotW
LCMapStringA
GetConsoleOutputCP
GetCommandLineA
WideCharToMultiByte
GetConsoleCP
IsValidLocale
GetEnvironmentStrings
GetProcessHeap
TlsAlloc
GetCPInfo
ExitProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentThread
GetLastError
GetModuleHandleA
TerminateProcess
SetConsoleCursorPosition
FreeLibrary
GetTimeZoneInformation
InterlockedDecrement
CompareStringW
GetEnvironmentStringsW
ReadFile
FreeEnvironmentStringsA
SetStdHandle
WriteConsoleW
HeapDestroy
LoadLibraryA
VirtualFree
TlsGetValue
GetLocaleInfoW
WriteConsoleA
TlsFree
HeapFree
GetCurrentProcessId
CloseHandle
CreateMutexA
EnterCriticalSection
InitializeCriticalSection
GetStringTypeW
HeapCreate
EnumSystemLocalesA
IsValidCodePage
CompareStringA

comctl32

InitCommonControlsEx

comdlg32

ChooseColorA

Sections

.text
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3cb021cc37ac503a25423dc7595c286

Headers

File Characteristics

PDB Paths

Imports

user32

wininet

kernel32

comctl32

comdlg32

Sections

.text Size: 336KB - Virtual size: 336KB

.rdata Size: 27KB - Virtual size: 47KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 336KB - Virtual size: 336KB

.rdata
Size: 27KB - Virtual size: 47KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 13KB - Virtual size: 12KB