fe569642e99172cbcba5a2bf59df1f90_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe569642e99172cbcba5a2bf59df1f90_JaffaCakes118
Size

546KB
MD5

fe569642e99172cbcba5a2bf59df1f90
SHA1

d294d7eae8d630eca9c1a7989fa20b74ff291a08
SHA256

1deadfc3856f0189beed93ca914412e68e8db83d716d0db9f59040fbd4bf6940
SHA512

ba740c59c1ba014139518b0a917fe2ebb68b15d2d80aaae01689305f70baa7e31e990a5a3564daa89b3bb2a90beda54cf3ca173c7d62fca53f7da7bd1ea798e4
SSDEEP

12288:dq25wLD3ImzbKLvK/flty13BjiBcWvg7UhyNF6Er3bqNZESwt+0b+J5jg:k2I3IwKoflta3vWvAYNZ9SjbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe569642e99172cbcba5a2bf59df1f90_JaffaCakes118

Files

fe569642e99172cbcba5a2bf59df1f90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e94968693c99c00148b709b14aead91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

GetModuleHandleA
RtlUnwind
IsValidLocale
InterlockedExchange
GetCurrentThreadId
GetModuleFileNameA
EnumSystemLocalesA
SetLastError
HeapDestroy
GetStringTypeW
CreateFileA
SetEnvironmentVariableA
GetLastError
GetOEMCP
MapViewOfFileEx
TlsAlloc
GetLocaleInfoA
SetUnhandledExceptionFilter
LCMapStringA
WriteConsoleA
GetModuleFileNameW
GetEnvironmentStringsW
GetCurrentProcessId
LCMapStringW
IsValidCodePage
GetTickCount
GetConsoleCP
TlsGetValue
FindResourceW
HeapFree
IsDebuggerPresent
HeapCreate
Sleep
MultiByteToWideChar
GetProcessHeap
LoadLibraryA
ReleaseSemaphore
TlsSetValue
VirtualQuery
DeleteCriticalSection
GetLocaleInfoW
ReadFile
GetCalendarInfoA
FindNextFileA
GetSystemTimeAsFileTime
WriteFile
GetCPInfo
FreeEnvironmentStringsW
LeaveCriticalSection
GetDateFormatA
CompareStringW
InterlockedIncrement
HeapReAlloc
GetStartupInfoW
QueryPerformanceCounter
FreeLibrary
FlushFileBuffers
HeapAlloc
GetCommandLineW
HeapSize
GetCurrentThread
TlsFree
GetCommandLineA
LoadLibraryExA
VirtualAlloc
SetFilePointer
FreeEnvironmentStringsA
GetStringTypeA
GetFileType
GetCurrentProcess
SetConsoleCtrlHandler
GetEnvironmentStrings
WideCharToMultiByte
VirtualFree
GetVersionExA
UnhandledExceptionFilter
GetStdHandle
SetStdHandle
CreateMutexA
CloseHandle
WriteConsoleW
OpenMutexA
GetTimeFormatA
CompareStringA
EnterCriticalSection
SetLocaleInfoA
TerminateProcess
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
GetConsoleOutputCP
SetHandleCount
InterlockedDecrement
GetACP
GetUserDefaultLCID
CreateMailslotA
GetConsoleMode
GetTimeZoneInformation
ExitProcess

user32

RegisterClassExA
MessageBoxExA
PtInRect
IsCharAlphaNumericW
MapVirtualKeyA
DlgDirListComboBoxA
DefWindowProcA
ActivateKeyboardLayout
GetUpdateRect
DdeCmpStringHandles
FindWindowExA
OpenWindowStationA
RegisterClassA
GetKeyState

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e94968693c99c00148b709b14aead91

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

user32

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 9KB - Virtual size: 15KB

.data Size: 318KB - Virtual size: 317KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 9KB - Virtual size: 15KB

.data
Size: 318KB - Virtual size: 317KB

.rsrc
Size: 7KB - Virtual size: 6KB