fdf1df86cd2e5559c1daf46a313fe5f4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fdf1df86cd2e5559c1daf46a313fe5f4_JaffaCakes118
Size

32KB
MD5

fdf1df86cd2e5559c1daf46a313fe5f4
SHA1

2b2da40440a92028dbb9ac79290271646b8e0fa4
SHA256

170424ac9887d38b497d437257234f95cf71e8b9ea06331a0f2bbbb43f42b72b
SHA512

f2ca903bf9ffe9b36c71bd50b7372abf1d956697fd0856c86db4cb7961772b3983413c041b8e11cd8c3b8e1a6536d3af1a97f35d0969505660f1adf9774d8831
SSDEEP

384:FaUeUAoO8krcmqBGqaMe7QfTR/9gZYX0uobxDonF:F/eGmqY13SXgiXjkxDonF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdf1df86cd2e5559c1daf46a313fe5f4_JaffaCakes118

Files

fdf1df86cd2e5559c1daf46a313fe5f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b959994e9340146e9fd6db7b8d089b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
WriteFile
WideCharToMultiByte
Sleep
CopyFileW
ReadFile
CreateFileW
lstrcatA
MultiByteToWideChar
lstrlenW
GetLastError
CloseHandle
DeleteFileA
lstrcpyA
GetTickCount
GetModuleHandleA
CreateMutexA
HeapCreate
lstrcmpA
HeapDestroy
FindFirstFileA
FindClose
FindNextFileA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
lstrlenA
GetFileSize
CreateFileA
RtlUnwind
ExitProcess
GetCommandLineW

user32

DefWindowProcA
ShowWindow
DispatchMessageA
UpdateWindow
LoadCursorA
TranslateMessage
SetTimer
BeginPaint
IsWindow
GetWindowTextA
wsprintfW
EnumWindows
wsprintfA
KillTimer
EndPaint
GetMessageA
RegisterClassExA
PostQuitMessage
LoadIconA
CreateWindowExA
TranslateAcceleratorA

advapi32

RegSetValueExA
RegQueryValueExW
RegOpenKeyA
RegQueryValueExA

shell32

CommandLineToArgvW
SHGetFolderPathA
ShellExecuteA

ole32

CoUninitialize
CLSIDFromProgID
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SafeArrayUnaccessData
SysAllocStringByteLen
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 8B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b959994e9340146e9fd6db7b8d089b1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 1KB

.CRT Size: 8B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 1KB

.CRT
Size: 8B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB