fe305fe8f47cb129051cd7e8e7caac39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe305fe8f47cb129051cd7e8e7caac39_JaffaCakes118
Size

559KB
MD5

fe305fe8f47cb129051cd7e8e7caac39
SHA1

ffe2bbf110a99005e3921b0ba5eee5107665ee4d
SHA256

65ffc55d70183cfdfd2479f1bda6e550afbc64117dfa5edd9562848ca47e536e
SHA512

4ca3d3348bdef6618c3a933b717bd7a41855da622bf65a9acfeecfd76ae4ee72e64b5fb55e3333fe6bee52a8fdab0bec14fb6dd66d298790c92ef6199fe73aa7
SSDEEP

12288:Odo7OhxJbhxvAzBCsobH516JCkvnxJinTDul6gui2OHwszHzL/:p8LvvAzZoVAJCkvnx2rguPOQsbn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe305fe8f47cb129051cd7e8e7caac39_JaffaCakes118

Files

fe305fe8f47cb129051cd7e8e7caac39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0faee613c54b5b5fe39418f4f9c42f6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

LoadAlterBitmap
GetSaveFileNameW
PrintDlgW
ReplaceTextW

comctl32

InitCommonControlsEx

gdi32

CreateICW
PolyPolyline
GetTextCharset
GetDCOrgEx
EnumICMProfilesA

user32

TranslateAcceleratorA
SetSystemCursor
SetLastErrorEx
SetWindowWord
UnhookWinEvent
RegisterClassA
RegisterClassExA
ChildWindowFromPointEx
SetPropW
IsDialogMessage
GetMenuStringW
SetCaretPos
GetWindowTextLengthA
GetFocus
GetScrollInfo
PeekMessageA
GetMenuCheckMarkDimensions
EnumDisplayDevicesW
SetMenuItemInfoW
UnhookWindowsHook
EditWndProc
ChangeDisplaySettingsW

wininet

InternetConfirmZoneCrossingA
GopherGetLocatorTypeA
FindCloseUrlCache
CommitUrlCacheEntryW
InternetReadFile
FindFirstUrlCacheEntryW
InternetConfirmZoneCrossing
FreeUrlCacheSpaceA

advapi32

CryptSetProviderW
LogonUserW
RegReplaceKeyW
CryptSetProvParam
InitializeSecurityDescriptor
CryptAcquireContextA
RegDeleteValueA
LookupAccountSidW
RegQueryValueA
CryptAcquireContextW
RegSaveKeyW
CreateServiceW
CryptDestroyHash
CryptHashData
LookupPrivilegeNameW
LookupSecurityDescriptorPartsW
CryptSetProviderA
RegEnumKeyExA
RegOpenKeyA
CryptGenRandom
RegSetValueExW
RegCreateKeyW
AbortSystemShutdownA
RegCreateKeyExW

kernel32

GetEnvironmentStringsW
InterlockedExchange
WideCharToMultiByte
FreeEnvironmentStringsW
QueryPerformanceCounter
LeaveCriticalSection
FreeEnvironmentStringsA
RtlUnwind
SetConsoleTextAttribute
TlsGetValue
VirtualAlloc
GlobalReAlloc
GetModuleFileNameW
lstrcmpiW
GetStringTypeW
TlsSetValue
GetProcAddress
Sleep
GetStringTypeA
InterlockedIncrement
HeapDestroy
HeapAlloc
GetConsoleOutputCP
IsDebuggerPresent
GetCommandLineA
TlsFree
SetStdHandle
HeapFree
WriteFile
GlobalGetAtomNameA
HeapReAlloc
FreeResource
OpenMutexA
TerminateProcess
HeapCreate
GetCurrentProcess
IsValidCodePage
CreateMutexA
SetFilePointer
IsBadWritePtr
WriteConsoleW
CreateFileA
CompareStringW
GetComputerNameA
GetOEMCP
EnumSystemLocalesA
MultiByteToWideChar
LoadLibraryA
GetLocaleInfoA
GetFileType
EnterCriticalSection
HeapSize
GetLocaleInfoW
GetConsoleMode
InterlockedDecrement
TlsAlloc
ReadFile
VirtualQuery
SetHandleCount
CloseHandle
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FlushFileBuffers
IsValidLocale
WriteConsoleA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetConsoleCP
LCMapStringW
GetStdHandle
GetModuleFileNameA
FreeLibrary
GetCurrentThreadId
UnhandledExceptionFilter
GetCPInfo
WriteConsoleInputW
GetCommandLineW
SetConsoleCtrlHandler
GetCurrentProcessId
CompareStringA
GetCurrentThread
DeleteCriticalSection
GetACP
ConvertDefaultLocale
ExitProcess
SetLastError
GetStartupInfoA
EnumSystemLocalesW
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetTimeFormatA
LocalAlloc
VirtualFree
GetStartupInfoW
LCMapStringA
GetTickCount
GetDateFormatA
GetModuleHandleW
GetModuleHandleA
ReleaseSemaphore
GetLastError

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0faee613c54b5b5fe39418f4f9c42f6a

Headers

File Characteristics

Imports

comdlg32

comctl32

gdi32

user32

wininet

advapi32

kernel32

Sections

.text Size: 221KB - Virtual size: 220KB

.rdata Size: 11KB - Virtual size: 26KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 221KB - Virtual size: 220KB

.rdata
Size: 11KB - Virtual size: 26KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 10KB - Virtual size: 9KB