fcfb42d814d3c64a6b0904530e7ffe85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcfb42d814d3c64a6b0904530e7ffe85_JaffaCakes118
Size

319KB
MD5

fcfb42d814d3c64a6b0904530e7ffe85
SHA1

503a3b4ea6fec4c5a146df767ec5e9dbadd09332
SHA256

0549304a0d0b8f54f0aba3b71db837114ca3d458cb7b84ca611011dc513a48dc
SHA512

bd05284f80c1c1b3187ee4bdeab22293f9ebe216064309e643277beb865806b13ec6ee5b473c81047d7025431112a1842110f9bf73e25aeea4c7ce9dfdbe4174
SSDEEP

6144:0Lv4MSOUI+nXV3iP8KBDusVZ6+gwLH8ZchvJ1ORocSFYSPsqAkYjc:0LQMR7+nXEPFH6+g+HpvDOZSeoF8c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jm_fid.exe

Files

fcfb42d814d3c64a6b0904530e7ffe85_JaffaCakes118
.rar
GDP605.bin
GDP606.bin
GDP608.bin
GDP616.bin
GDP661.bin
GDP662.bin
GDP667.bin
GDP670.bin
GDP8115.bin
GDP8215.bin
jm_fid-history.txt
jm_fid-readme.txt
jm_fid.exe
.exe windows:4 windows x86 arch:x86

cd14ea0fb9dddef8190b0000309106f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

GetCPInfo
GetNumberOfConsoleInputEvents
GetLastError
Sleep
CreateFileA
GetVersionExA
VirtualFree
VirtualAlloc
CloseHandle
DeviceIoControl
GetCommandLineA
GetVersion
HeapFree
WriteFile
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
RtlUnwind
SetFilePointer
HeapAlloc
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd14ea0fb9dddef8190b0000309106f4

Headers

File Characteristics

Imports

shell32

kernel32

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 26KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 26KB

.rsrc
Size: 1KB - Virtual size: 1KB