fe5d3b720a79dd960c81d70923c43ab2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe5d3b720a79dd960c81d70923c43ab2_JaffaCakes118
Size

624KB
MD5

fe5d3b720a79dd960c81d70923c43ab2
SHA1

fce9d4a027b5f012c5b7c852e83299d9a87971b3
SHA256

12eb4eff2e4bdefedf28e950e591210c9b41451113e700dd198b40089d7566d0
SHA512

a0b264b7218b09c22f4026541cc6596176d13cf1be4d40e121330856ba2dfc4382775a07becf9b225dce287d606cb09869ad0afd39e174cdc5dadf0ad77f1038
SSDEEP

12288:5eTg4C55DlVf8A8Pix5ESAvJe96C6Gcjrpsrl852HL5KYd6:5e8x955xezYr6G4NQ8M1KY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe5d3b720a79dd960c81d70923c43ab2_JaffaCakes118

Files

fe5d3b720a79dd960c81d70923c43ab2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51330eb29d80d3025aa602a5f9e9c2be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuA
DialogBoxParamW
GetDlgItem
CloseDesktop
RemoveMenu
GetClassLongA
GetWindowWord
RegisterClassExA
GetForegroundWindow
GrayStringW
SetWindowLongA
RemovePropA
wvsprintfW
RegisterClassA
DlgDirSelectExA

advapi32

CryptExportKey
RegLoadKeyW
CryptContextAddRef
CryptAcquireContextA

kernel32

WideCharToMultiByte
GetDateFormatA
WriteProfileStringA
HeapAlloc
PulseEvent
CompareStringW
HeapReAlloc
InterlockedDecrement
SetConsoleCtrlHandler
InitializeCriticalSection
lstrcpy
GetModuleFileNameW
IsValidLocale
GetVersionExA
GetFileType
GetCurrentThread
IsValidCodePage
GetEnvironmentStrings
GetACP
GetCurrentThreadId
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetCPInfo
GetProcessHeap
GetLocaleInfoA
TlsAlloc
FindResourceExA
IsDebuggerPresent
SetFilePointer
HeapDestroy
VirtualFree
VirtualQuery
GetCurrentProcessId
SetHandleCount
LoadLibraryA
GetConsoleMode
SetLastError
HeapFree
lstrcmpA
InterlockedExchange
GetCommandLineW
FlushFileBuffers
GetModuleHandleA
WriteConsoleW
QueryPerformanceCounter
FreeLibrary
GetOEMCP
GetLocaleInfoW
GetProcAddress
GetTickCount
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetLogicalDriveStringsA
FreeEnvironmentStringsA
LeaveCriticalSection
TerminateProcess
GetTimeZoneInformation
HeapSize
HeapCreate
CompareStringA
MultiByteToWideChar
OpenMutexA
GetStartupInfoW
GetCommandLineA
TlsGetValue
EnumSystemLocalesA
SetStdHandle
InterlockedIncrement
TlsSetValue
RtlUnwind
SetUnhandledExceptionFilter
GetModuleFileNameA
CloseHandle
DeleteCriticalSection
GetCurrentProcess
GetStdHandle
GetTimeFormatA
TlsFree
GetSystemTimeAsFileTime
GetConsoleCP
Sleep
WriteConsoleA
LCMapStringW
GetStartupInfoA
GetConsoleOutputCP
ExitProcess
GetEnvironmentStringsW
CreateFileA
LCMapStringA
VirtualAlloc
CreateMutexW
SetEnvironmentVariableA
EnterCriticalSection
ReadFile
WriteFile
GetLastError
CreateMutexA

comctl32

InitCommonControlsEx

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 321KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51330eb29d80d3025aa602a5f9e9c2be

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comctl32

Sections

.text Size: 286KB - Virtual size: 286KB

.rdata Size: 9KB - Virtual size: 31KB

.data Size: 321KB - Virtual size: 320KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 286KB - Virtual size: 286KB

.rdata
Size: 9KB - Virtual size: 31KB

.data
Size: 321KB - Virtual size: 320KB

.rsrc
Size: 6KB - Virtual size: 5KB