fdf41813842c2d03219c0c4e12144dea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fdf41813842c2d03219c0c4e12144dea_JaffaCakes118
Size

132KB
MD5

fdf41813842c2d03219c0c4e12144dea
SHA1

3b1025d6e9b1bb4e4ac7182a836eb2f9568e390e
SHA256

b0cee567941890c52cbfb009dcdd3102783841ccd70d2552e7d5bb517590924d
SHA512

0707b0bf7c37fd28180f6cb63effeeeebcb77595085dec68b0eb658f3d3eb5129bd5655bc21aedd5ca56f09e4645d9c4b5ab540388a2cd88d59c1caa29884d17
SSDEEP

3072:cpIJOQzdOy4iP8lh5KbTkrPiaWa6mOpsbtZzKIS2jFJH2w4+Ydy:zlr2NEoWlaXzdJH2w4d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdf41813842c2d03219c0c4e12144dea_JaffaCakes118

Files

fdf41813842c2d03219c0c4e12144dea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

229a8f0bec6ce00980f2db642575db9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WritePrivateProfileStringA
GetUserDefaultLangID
GlobalUnlock
GetVersionExW
IsDebuggerPresent
VirtualQuery
VirtualProtect
LocalFileTimeToFileTime
FormatMessageA
GetStartupInfoA
lstrlenW
GetSystemInfo
GetModuleHandleA

msvcrt

memmove
__p__fmode
_ftol
_except_handler3
_XcptFilter
_controlfp
strncmp
_close
_beginthreadex
__setusermatherr
_purecall
exit
_initterm
log10
__p__commode
__set_app_type
_acmdln
_adjust_fdiv
__getmainargs

user32

FindWindowA
GetSysColorBrush
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
FillRect
LoadIconA
UnregisterClassA
IsWindow
IsZoomed
GetIconInfo
RemoveMenu
OemToCharA
IsWindowVisible

shell32

SHGetPathFromIDListW
ExtractIconW
SHGetMalloc
SHGetFolderPathA
DragQueryFileW
SHGetSpecialFolderPathW
SHChangeNotify

gdi32

PolylineTo
TextOutW
EnumMetaFile
DeleteMetaFile
SetColorAdjustment
BeginPath
SetMapMode
Arc
FillPath
CreateMetaFileW
GetDIBits

comctl32

CreateStatusWindowA
ImageList_DragShowNolock
ImageList_SetBkColor
PropertySheetW
ImageList_Replace
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageCount
CreateToolbarEx

advapi32

RegEnumKeyExW
AddAccessAllowedAce
RegSetValueExW
RegQueryValueExA
InitializeAcl
RegCreateKeyExA
OpenProcessToken
SetSecurityDescriptorOwner
RegQueryInfoKeyW
FreeSid

oleaut32

SysStringLen
SetErrorInfo
SafeArrayPutElement
SafeArrayRedim
SafeArrayPtrOfIndex

version

GetFileVersionInfoSizeA
VerFindFileW
VerInstallFileA
GetFileVersionInfoW
VerInstallFileW
GetFileVersionInfoSizeW
VerLanguageNameA

ole32

CoCreateGuid
CreateBindCtx
CoGetInterfaceAndReleaseStream
StgOpenStorage
CoGetMalloc
PropVariantClear
CoInitialize
IIDFromString
ReleaseStgMedium
CoGetClassObject

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

229a8f0bec6ce00980f2db642575db9e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

gdi32

comctl32

advapi32

oleaut32

version

ole32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 95KB - Virtual size: 152KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 95KB - Virtual size: 152KB