fe0d48989d1ada28ba52dc1e29075efb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe0d48989d1ada28ba52dc1e29075efb_JaffaCakes118
Size

519KB
MD5

fe0d48989d1ada28ba52dc1e29075efb
SHA1

a22ca3a66f5116a2f6a20e7d442dc69419559e78
SHA256

3aa58e6498921db32f4e04eab9ac63b909745ad755da9b63c1ae7db80c657320
SHA512

ce686b89ebea928b2fcdf45664e0aabcd57c1d8f197aed10b4706e485b6c5aec73536fa0073f3ec5072fae9fb590ab7416d39559d20cc2939d7dcd92c033c5c6
SSDEEP

12288:5cIP1V9LOhNAOAX1wQwacZ253bnzu3fxGttEhmXda3Hy:5cIPdLOhNLQcatnzuPmtEYta3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0d48989d1ada28ba52dc1e29075efb_JaffaCakes118

Files

fe0d48989d1ada28ba52dc1e29075efb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

666fdcc5126c7fe44d65ddc560c4853b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextW
CryptContextAddRef
CryptGetDefaultProviderA
RegOpenKeyA
LookupSecurityDescriptorPartsW
CryptGenRandom
RegOpenKeyW
CryptEncrypt
CryptGetDefaultProviderW
CryptGenKey
RegEnumValueA
RegEnumKeyExW
RegQueryInfoKeyA
CryptEnumProviderTypesA
LookupPrivilegeDisplayNameW
RegRestoreKeyA
LookupAccountSidW
InitializeSecurityDescriptor
CryptSetProvParam
RegReplaceKeyW
ReportEventW
LookupAccountNameW

kernel32

EnumSystemLocalesA
HeapAlloc
TerminateProcess
CompareStringA
IsValidLocale
HeapSize
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
GetACP
VirtualQuery
GetProcAddress
InterlockedExchange
SetStdHandle
CloseHandle
GetProfileIntW
GetStdHandle
HeapFree
VirtualFree
GetStartupInfoW
GetOEMCP
GetConsoleOutputCP
HeapDestroy
RtlUnwind
IsValidCodePage
FillConsoleOutputCharacterW
GetPrivateProfileIntA
QueryPerformanceCounter
VirtualAlloc
GetLocaleInfoW
GetCurrentProcessId
WriteConsoleA
GetCPInfo
FreeResource
GetTickCount
Sleep
GetCurrentThreadId
GetFileType
EnterCriticalSection
WideCharToMultiByte
FindResourceExA
GetCommandLineA
GetModuleFileNameW
HeapCreate
LCMapStringW
lstrcpy
UnlockFileEx
GetModuleFileNameA
GetLastError
InterlockedDecrement
GetStringTypeA
GetTimeFormatA
FreeEnvironmentStringsW
GetConsoleTitleW
GetStartupInfoA
WriteConsoleW
LCMapStringA
ReadFile
GetCurrentProcess
MultiByteToWideChar
SetLastError
HeapLock
GetConsoleCP
SetUnhandledExceptionFilter
TlsSetValue
LeaveCriticalSection
SetEnvironmentVariableA
FileTimeToSystemTime
DeleteCriticalSection
GetAtomNameA
InterlockedIncrement
TlsGetValue
LoadLibraryA
CreateMutexA
WriteConsoleOutputCharacterW
GetConsoleMode
GetModuleHandleA
GetLocalTime
GetModuleHandleW
FreeLibrary
GetTimeZoneInformation
SetFilePointer
TlsAlloc
CompareStringW
HeapReAlloc
GetDateFormatA
SetHandleCount
GetCurrentThread
LoadModule
FlushFileBuffers
CreateFileA
ExitProcess
TlsFree
GetLocaleInfoA
SetConsoleCtrlHandler
TransactNamedPipe
GetEnvironmentStringsW
TerminateThread
UnhandledExceptionFilter
GetStringTypeW
GetCommandLineW
CreateWaitableTimerA
OpenMutexA
WriteFile
GetUserDefaultLCID
LocalShrink
GetCurrencyFormatW
GetSystemTimeAsFileTime

comctl32

InitCommonControlsEx

wininet

FtpPutFileEx

user32

ShowOwnedPopups
DlgDirSelectComboBoxExW
GetAltTabInfo
RegisterClassA
RegisterClassExA
WINNLSGetIMEHotkey

gdi32

SetStretchBltMode
PtVisible
CreatePolyPolygonRgn
GetClipRgn
GetRandomRgn
FillPath
GetPolyFillMode
GetViewportOrgEx
Ellipse
GetICMProfileA
CreateRectRgnIndirect
GetCharWidthA
SetMetaFileBitsEx

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

666fdcc5126c7fe44d65ddc560c4853b

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

wininet

user32

gdi32

Sections

.text Size: 186KB - Virtual size: 186KB

.rdata Size: 10KB - Virtual size: 35KB

.data Size: 315KB - Virtual size: 314KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 186KB - Virtual size: 186KB

.rdata
Size: 10KB - Virtual size: 35KB

.data
Size: 315KB - Virtual size: 314KB

.rsrc
Size: 6KB - Virtual size: 5KB