fd0ddfa334e7e3ce8b65e3bc45ae33e0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fd0ddfa334e7e3ce8b65e3bc45ae33e0_JaffaCakes118
Size

484KB
MD5

fd0ddfa334e7e3ce8b65e3bc45ae33e0
SHA1

e1cb7f5b6589c1819042fb7b8c6234cbc5708ad1
SHA256

50d0543995ee75aaef3ca815198def87f13083a6b72c7fc4a8ab083a8427c628
SHA512

7092c4c089216efb9205770f1d9edcca6b3bcf01d262c92d1eda34d4a91721a27b80cf1286e9a637a81e2a37d5df1aca78e53dd3645b741ca8798daf76e3c654
SSDEEP

12288:F+F/9ChPJ46L9JU9YKXRaJ5e52UcA/Al:F+h9Chq6L9JU9YYt1q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd0ddfa334e7e3ce8b65e3bc45ae33e0_JaffaCakes118

Files

fd0ddfa334e7e3ce8b65e3bc45ae33e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1d7420113840bacc35a399161f40712

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AbortSystemShutdownA
CryptCreateHash
CryptEnumProvidersA
CryptDeriveKey

kernel32

InitializeCriticalSection
GetCommandLineA
GetModuleHandleA
GetSystemTimeAsFileTime
HeapFree
LCMapStringW
TlsSetValue
WriteFile
InterlockedIncrement
FormatMessageA
GetTimeZoneInformation
ExitProcess
GetEnvironmentStrings
FileTimeToLocalFileTime
GetProcAddress
TerminateProcess
SetFilePointer
SetLocaleInfoA
LeaveCriticalSection
GetSystemTime
GetEnvironmentStringsW
MultiByteToWideChar
GetStringTypeA
CloseHandle
EnterCriticalSection
GetStringTypeW
VirtualFree
lstrlen
GetModuleFileNameA
CreateFileMappingA
RtlUnwind
GetStartupInfoA
OpenWaitableTimerW
CompareStringW
SetStdHandle
GetOEMCP
HeapAlloc
GetCurrentProcess
GetCPInfo
GetLocalTime
FreeEnvironmentStringsA
FreeEnvironmentStringsW
TlsGetValue
WideCharToMultiByte
HeapCreate
LoadLibraryA
HeapReAlloc
DeleteCriticalSection
GetLastError
CreateMutexA
OpenMutexA
InterlockedExchange
CompareStringA
GetCurrentProcessId
GetTickCount
InterlockedDecrement
GetVersion
TlsAlloc
SetLastError
IsBadWritePtr
ReadFile
GetFileType
GetCurrentThread
GetStdHandle
HeapDestroy
SetHandleCount
VirtualAlloc
QueryPerformanceCounter
GetCurrentThreadId
SetEnvironmentVariableA
FlushFileBuffers
UnhandledExceptionFilter
VirtualQuery
GetACP
TlsFree
LCMapStringA

user32

RegisterClassExA
MapVirtualKeyExA
LoadAcceleratorsA
GetWindowThreadProcessId
CascadeChildWindows
OpenDesktopW
SendNotifyMessageA
EqualRect
UnregisterDeviceNotification
EnumDisplaySettingsA
RegisterClassA
GetMessagePos
DdeCmpStringHandles
CopyAcceleratorTableA

wininet

InternetGetCertByURL
HttpAddRequestHeadersW
FtpPutFileEx
InternetTimeToSystemTime
FindNextUrlCacheGroup

shell32

SHBrowseForFolder
ShellAboutA

gdi32

SetFontEnumeration

comctl32

InitCommonControlsEx

Sections

.text
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1d7420113840bacc35a399161f40712

Headers

File Characteristics

Imports

advapi32

kernel32

user32

wininet

shell32

gdi32

comctl32

Sections

.text Size: 318KB - Virtual size: 318KB

.rdata Size: 39KB - Virtual size: 50KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 318KB - Virtual size: 318KB

.rdata
Size: 39KB - Virtual size: 50KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 21KB - Virtual size: 20KB