fe7f67e9a26c42e1bac3cddb8fd2e108_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe7f67e9a26c42e1bac3cddb8fd2e108_JaffaCakes118
Size

2.8MB
MD5

fe7f67e9a26c42e1bac3cddb8fd2e108
SHA1

4484cd66f3aa4db750c9cf70b53044a14993c42f
SHA256

2ef3d86fed62cdb7aa1f7134fab508bc1fbf34686ccf1220c80911462c5b80bf
SHA512

30fd85cb6b8ddff53f203843d7fa687d8ac336441cfcdcac712f755e6cd2986d5e7f44904ef4169e13f240bf4575124d5b97d914c3300a53e753884998b6a7e7
SSDEEP

49152:JI8+0aT+Fn/fwSVz2Uwlro7yDrVDOgz+FiMLIa+9PR1BqHMpqwq/EQEbqWRYWqVg:Jh+sn3T1wpo7yPVDOdAE1KPR1By8qwqX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe7f67e9a26c42e1bac3cddb8fd2e108_JaffaCakes118

Files

fe7f67e9a26c42e1bac3cddb8fd2e108_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f298684766ab191bc2ac460a9415bf7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationW
EndUpdateResourceW
GetProcAddress
GetFullPathNameW
LoadLibraryA
CommConfigDialogW
DefineDosDeviceA
ReadFileScatter
CopyFileW
GlobalUnfix
EnumResourceTypesA
GetLongPathNameA
GlobalFree
MulDiv
GetVersionExW
BeginUpdateResourceA
lstrcatA
SetHandleCount
DebugActiveProcessStop
EnumResourceNamesW
GetPrivateProfileStructW
GetCommState
GetLogicalDriveStringsW
BackupSeek
OpenSemaphoreW
GetSystemTime
GetCurrentThread
LocalShrink
FlushViewOfFile
GetLastError
InterlockedIncrement
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
AddAtomW
GlobalFindAtomW
ReadFile
GetPrivateProfileStringW
GetDiskFreeSpaceW
GetProcessHeap
ContinueDebugEvent
GetSystemInfo
GetTempFileNameA
CancelIo
GetEnvironmentVariableA
GetProcessAffinityMask
TlsFree
GetPrivateProfileIntW
SetThreadPriorityBoost
RemoveDirectoryW
GetTempFileNameW
LocalFileTimeToFileTime
GlobalGetAtomNameA
IsBadHugeReadPtr
ResetWriteWatch
GetAtomNameA
GetCurrentProcess
GetWindowsDirectoryW
ReadProcessMemory
FindAtomW
GetPrivateProfileSectionNamesA
Beep
EndUpdateResourceA
lstrcpynW
QueryPerformanceFrequency
GetNumaNodeProcessorMask
CreateNamedPipeA
GetFileAttributesW
GetCommandLineW
WriteProfileStringW
GlobalUnWire
GetVolumeInformationA
DeleteFileW
GetFileAttributesExW
GlobalHandle
GetCommProperties
OpenFileMappingW
WriteFileGather
GetTickCount
FormatMessageA
DefineDosDeviceW
SetCommState
FormatMessageW
GlobalFlags
OutputDebugStringA
SetCurrentDirectoryA
OpenMutexW
FatalAppExitW
IsBadHugeWritePtr
LoadModule
SearchPathA
GetThreadPriority
IsBadCodePtr
GetThreadTimes
SetTapePosition
BeginUpdateResourceW
DeviceIoControl
FindFirstFileW
GlobalGetAtomNameW
EnumResourceNamesA
IsBadReadPtr
FreeLibraryAndExitThread
FindResourceA
FlushInstructionCache
LoadLibraryW
SetCurrentDirectoryW
GetDriveTypeW
GetTimeZoneInformation
SetEnvironmentVariableW
EnumResourceTypesW
HeapWalk
TlsAlloc
MoveFileW
BackupRead
GetBinaryTypeW
VirtualQuery
SetVolumeLabelW
GetProcessId
GetTapePosition
DebugActiveProcess
CreateFileMappingW
GetProfileSectionA
GetLocalTime
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStrings
CallNamedPipeW
CreateDirectoryA
GetCurrentThreadId
lstrlenW
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleMode
GetConsoleCP
GetStringTypeA
GetModuleFileNameA
WriteFile
HeapReAlloc
VirtualAlloc
GlobalUnlock
RaiseException
GetPrivateProfileSectionNamesW
MoveFileA
DeleteAtom
FlushFileBuffers
GetCurrentDirectoryA
GetEnvironmentStringsW
GetVersion
GetVersionExA
FindFirstChangeNotificationA
BuildCommDCBW
SetErrorMode
TerminateProcess
CreateFileW
SleepEx
GetDefaultCommConfigW
SetLastError
SystemTimeToFileTime
SetFileShortNameA
FreeResource
CreateProcessW
FindNextFileA
SetProcessWorkingSetSize
DuplicateHandle
WritePrivateProfileStructW
ExpandEnvironmentStringsW
GetCompressedFileSizeW
CloseHandle
OpenSemaphoreA
OpenMutexA
GetSystemWindowsDirectoryA
GlobalLock
SetFileAttributesW
WideCharToMultiByte
DosDateTimeToFileTime
GetDiskFreeSpaceA
SetFirmwareEnvironmentVariableW
CreateDirectoryExW
OpenProcess
GetCommandLineA
GetNamedPipeInfo
WritePrivateProfileSectionW
GetEnvironmentVariableW
GetSystemTimeAsFileTime
GetFileType
FreeEnvironmentStringsA
GetProfileStringW
SetSystemTime
SetEndOfFile
ExitProcess
GetOverlappedResult
SetMessageWaitingIndicator
MoveFileExW
SetUnhandledExceptionFilter
GlobalSize
GetStdHandle
OutputDebugStringW
CreateFileMappingA
SetThreadExecutionState
FindFirstFileA
GetDefaultCommConfigA
SetMailslotInfo
GetShortPathNameW
GetAtomNameW
SetupComm
CancelDeviceWakeupRequest
GetFileInformationByHandle
SetStdHandle
GetCurrentProcessId
GetPrivateProfileIntA
SetFileTime
ClearCommError
InterlockedCompareExchange
InterlockedExchange
Sleep
RtlUnwind
HeapFree
HeapAlloc
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetStartupInfoA
LCMapStringA
LCMapStringW
GetStringTypeW
TlsGetValue
TlsSetValue
HeapSize
HeapCreate
VirtualFree

user32

GetClassNameA
MoveWindow
LoadStringW
CharNextW
MessageBoxW
SetWindowPos
SetWindowLongW
CharLowerW
CallWindowProcW
DestroyWindow
ShowWindow
CharUpperW
SendMessageW
GetWindowRect
RealGetWindowClassA
SystemParametersInfoW
RealGetWindowClassW
SetWindowTextW
EnumChildWindows
GetClassNameW

advapi32

RegDeleteValueW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

VarUI4FromStr

comctl32

ord17

Sections

.text
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.3MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f298684766ab191bc2ac460a9415bf7f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 393KB - Virtual size: 392KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 2.3MB - Virtual size: 2.4MB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 55KB - Virtual size: 55KB

.text
Size: 393KB - Virtual size: 392KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 2.3MB - Virtual size: 2.4MB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 55KB - Virtual size: 55KB