fcfa8f13d158a3d763951d3c6d3c26c5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fcfa8f13d158a3d763951d3c6d3c26c5_JaffaCakes118
Size

552KB
MD5

fcfa8f13d158a3d763951d3c6d3c26c5
SHA1

6b5b592e33a1082c199af8b694288735519c89f1
SHA256

6d036a43693532de2b74795bebbb155bccbd837b219f715ace80932c5c11997e
SHA512

bfe48c74d258e0c4fdc476a56739ec885fe55146ce1281a6992a76a32a9c42e5700437e6db7e1199db1d6025f7f650263850436ab53b22cee094b5fede8dbcb0
SSDEEP

12288:yCj+BC3YheQRGrPwG4irtK89JEc34yFirAXYgq1ZeEr5E:33YcQR0wert9WCiEog65

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcfa8f13d158a3d763951d3c6d3c26c5_JaffaCakes118

Files

fcfa8f13d158a3d763951d3c6d3c26c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0506dd73bfbb7328437f2cce8bc5304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InSendMessageEx
GetDesktopWindow
IsCharLowerA
LoadCursorA
OpenWindowStationW
LoadImageA
MenuItemFromPoint
CreateIconFromResource
CreateWindowExW
SwitchToThisWindow
ExitWindowsEx
SetRectEmpty
GetIconInfo
ArrangeIconicWindows
CharUpperBuffW
SetCapture
EndDeferWindowPos
ChangeDisplaySettingsW
EmptyClipboard
GetProcessDefaultLayout
EnableScrollBar
TrackMouseEvent
RegisterClassExA
GetClassLongW
SystemParametersInfoA
GetWindowRect
DdeCreateDataHandle
IsCharAlphaNumericA
PostMessageW
GetScrollBarInfo
RegisterClassExW
SetWindowsHookA
LoadStringW
SetPropW
MsgWaitForMultipleObjectsEx
PostMessageA
DrawEdge
CharUpperA
DdeGetLastError
DrawIcon
RegisterClassA
DefMDIChildProcW
GetQueueStatus
MessageBeep
GetKBCodePage
SetScrollInfo
SetCursorPos
CreateIconIndirect
RegisterClipboardFormatA
SetProcessDefaultLayout
WINNLSGetEnableStatus

kernel32

FindFirstFileW
GetStringTypeW
FlushConsoleInputBuffer
ReadConsoleOutputAttribute
TerminateProcess
UnhandledExceptionFilter
OpenFile
GetStdHandle
LeaveCriticalSection
InitializeCriticalSection
CompareStringW
GetTickCount
FindResourceW
SetEnvironmentVariableA
GetVolumeInformationW
GetTimeFormatW
GetTimeFormatA
LocalReAlloc
DeleteFileW
IsValidLocale
CreateNamedPipeW
GetCurrentProcess
InterlockedExchange
TlsSetValue
GetWindowsDirectoryW
ReadConsoleInputW
PulseEvent
GetStringTypeA
WriteFile
GetLastError
GetSystemInfo
GetUserDefaultLCID
QueryPerformanceCounter
GetLocaleInfoW
WriteConsoleOutputA
VirtualFree
GetCurrentProcessId
GetModuleHandleA
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentThreadId
GetFileTime
GetLocaleInfoA
VirtualQuery
LCMapStringW
GetACP
SetFilePointer
GetDiskFreeSpaceA
GetOEMCP
CreateEventA
HeapSize
GetProcAddress
LoadLibraryA
VirtualProtect
RtlUnwind
GetCurrentThread
GetTimeZoneInformation
GetFileType
VirtualAlloc
GetDiskFreeSpaceW
IsBadWritePtr
MultiByteToWideChar
EnterCriticalSection
SetStdHandle
EnumDateFormatsA
HeapDestroy
CompareStringA
WideCharToMultiByte
OpenMutexA
FreeEnvironmentStringsW
GetDateFormatA
TlsFree
GetComputerNameA
GetSystemTimeAsFileTime
EnumSystemLocalesW
LCMapStringA
TlsGetValue
GetSystemTime
HeapAlloc
TlsAlloc
CloseHandle
FlushFileBuffers
SetLastError
ExitProcess
HeapCreate
GetCPInfo
GetVersionExA
CreateMutexA
ReadFile
EnumSystemLocalesA
GetModuleFileNameA
HeapReAlloc
GetEnvironmentStringsW
DeleteCriticalSection
GetCommandLineA
LocalAlloc
IsValidCodePage
SetHandleCount
HeapFree

gdi32

GetDeviceCaps
CreatePolygonRgn
EnumFontsW
DeleteObject
EnableEUDC
GetStockObject
DeleteColorSpace
GetObjectW
DeleteDC
CreateDCA

advapi32

LookupAccountNameW
InitiateSystemShutdownA
StartServiceW
RegOpenKeyExW
CryptGetProvParam
RegQueryValueExW
RegCreateKeyW
RegSetKeySecurity
CryptGetHashParam
LookupPrivilegeDisplayNameW

comctl32

ImageList_GetIcon
InitCommonControlsEx
CreateToolbarEx
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_AddIcon
_TrackMouseEvent
ImageList_SetOverlayImage
ImageList_SetDragCursorImage
ImageList_SetBkColor

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0506dd73bfbb7328437f2cce8bc5304

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

comctl32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 112KB - Virtual size: 120KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 112KB - Virtual size: 120KB

.rsrc
Size: 16KB - Virtual size: 14KB