fe71cf27e22a7cc89dbb967dca8001ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe71cf27e22a7cc89dbb967dca8001ac_JaffaCakes118
Size

225KB
MD5

fe71cf27e22a7cc89dbb967dca8001ac
SHA1

5ff7fa56e4ea71c0ba2c1dcb415464c4f1cafb8e
SHA256

49905bf066ea3898f03ac6ee5e5a2d42ccdb8da3f8d7a7fd734f45d79031fe66
SHA512

f26d683e927a8de0d39cab875f50ffb69085386c46711197348324d4e5f3fffb8b7b3d5b9ae0e9185dff5357c23c7b8b59798da60047c7a88766be7dfb85c791
SSDEEP

6144:OcTcDNR1jD1rXcnAMZ8yYGim6IY5Z/G9D5WmHsO:TTWE8yl1YfG1Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe71cf27e22a7cc89dbb967dca8001ac_JaffaCakes118

Files

fe71cf27e22a7cc89dbb967dca8001ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

063678a973a0a52a0dcd875a927841ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
GetLogicalDriveStringsA
IsDebuggerPresent
lstrcmp
MulDiv
CompareFileTime
MoveFileA
GetNumberFormatA
OpenEventA
IsBadWritePtr
LoadLibraryA
QueryPerformanceCounter
GlobalGetAtomNameW
GetHandleInformation
QueryPerformanceFrequency
GetVersion
GetTempFileNameW
FileTimeToLocalFileTime
lstrcmpW
FindResourceA
GetComputerNameA
FreeLibrary
GetVolumeInformationW
BeginUpdateResourceW
GlobalAlloc
Sleep
GetVersionExW
lstrcmpiW
CopyFileExW
CreateEventW
GetUserDefaultLCID
LocalFree
GetLongPathNameW
CreatePipe
DisconnectNamedPipe
ConnectNamedPipe
GetWindowsDirectoryW
GetStringTypeA
SetComputerNameW
lstrcmpi
IsBadCodePtr
GetCurrentProcessId
SetCurrentDirectoryA
GetProcAddress
AddAtomW
GetFileTime
ExitThread
GetDiskFreeSpaceW
lstrcmpiA

user32

GetForegroundWindow
AppendMenuW
MessageBoxIndirectW
DialogBoxIndirectParamW
CharPrevW
CreateDialogParamW
CheckRadioButton
CheckMenuRadioItem
EndMenu
CharLowerW
CreateDesktopW
GetWindowRect
EnumChildWindows
RegisterClassExA
CharUpperA
IsIconic
MoveWindow
SetWindowPos
CreateCaret

gdi32

CreateColorSpaceW
ResizePalette
SelectClipPath
EndFormPage
GetLogColorSpaceA
CreateRectRgn
StretchDIBits
CloseMetaFile
GetPaletteEntries
GetPixel
GetCharWidthI
CreateDCW
DeleteEnhMetaFile
ExtTextOutW

advapi32

RegReplaceKeyA
RegRestoreKeyA
RegFlushKey
RegOpenKeyA
RegCloseKey

shlwapi

PathIsDirectoryA
wnsprintfW
PathRemoveExtensionW
AssocCreate
PathBuildRootW
UrlGetPartA
SHGetThreadRef
PathIsRootW
AssocQueryKeyA

oleaut32

VarDecFromUI8

urlmon

URLOpenBlockingStreamA
GetComponentIDFromCLSSPEC
MkParseDisplayNameEx
DllRegisterServerEx
DllUnregisterServer
CreateURLMoniker
URLOpenBlockingStreamW
SetSoftwareUpdateAdvertisementState
HlinkNavigateString
PrivateCoInstall
CoInternetCompareUrl
CopyBindInfo
URLDownloadA
CoGetClassObjectFromURL
CreateFormatEnumerator
DllRegisterServer
URLDownloadToFileW
AsyncGetClassBits
URLDownloadW
Extract

winmm

waveInOpen
sndPlaySoundW
mixerGetDevCapsA
mmioStringToFOURCCA
midiOutGetErrorTextA
joy32Message
midiInAddBuffer
GetDriverModuleHandle
WOWAppExit
midiOutCachePatches

Sections

.KAYd
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Tz
Size: 3KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.O
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VS
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.G
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IPu
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epz
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OlsZXZ
Size: 4KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

063678a973a0a52a0dcd875a927841ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

oleaut32

urlmon

winmm

Sections

.KAYd Size: 9KB - Virtual size: 9KB

.Tz Size: 3KB - Virtual size: 420KB

.O Size: 85KB - Virtual size: 84KB

.VS Size: 14KB - Virtual size: 14KB

.G Size: 1024B - Virtual size: 40KB

.IPu Size: 4KB - Virtual size: 26KB

.epz Size: 85KB - Virtual size: 85KB

.data Size: 9KB - Virtual size: 112KB

.OlsZXZ Size: 4KB - Virtual size: 187KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.KAYd
Size: 9KB - Virtual size: 9KB

.Tz
Size: 3KB - Virtual size: 420KB

.O
Size: 85KB - Virtual size: 84KB

.VS
Size: 14KB - Virtual size: 14KB

.G
Size: 1024B - Virtual size: 40KB

.IPu
Size: 4KB - Virtual size: 26KB

.epz
Size: 85KB - Virtual size: 85KB

.data
Size: 9KB - Virtual size: 112KB

.OlsZXZ
Size: 4KB - Virtual size: 187KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B