fec445e55cc769497c137767c2a626fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fec445e55cc769497c137767c2a626fb_JaffaCakes118
Size

482KB
MD5

fec445e55cc769497c137767c2a626fb
SHA1

9c17ad10c82962178d65b9345a775e9a7e8cf0c1
SHA256

c0ba4bf1287dceab0300dffaff0e306abe53fd1caf9a0c9d2c88bea982092dcf
SHA512

d09bf94bf207ee3099a5bbc5fba7a1046fbc60a48d8719b7be443a10ca7c26976247c0a84b89a08cf460c1748777f5468ccb0c898b278cbfc9f66294fc86c55a
SSDEEP

12288:5Wkshu+5hENyei09ivzMALntJH+XWwzK3RVg:5u04F09ngrSWwzkV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fec445e55cc769497c137767c2a626fb_JaffaCakes118

Files

fec445e55cc769497c137767c2a626fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099e4fd1800dc94124834f5eab9aa841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetSystemInfo
FindFirstFileExA
GetCurrentThread
GetOEMCP
AllocConsole
HeapAlloc
LoadLibraryA
TlsSetValue
LeaveCriticalSection
WideCharToMultiByte
MoveFileExA
FileTimeToSystemTime
GetACP
TlsFree
TlsGetValue
FreeEnvironmentStringsA
GetStdHandle
GetStringTypeA
GlobalUnlock
SetLastError
GetDateFormatA
GetStringTypeW
GetEnvironmentStrings
ReleaseSemaphore
GetUserDefaultLCID
VirtualProtect
GetStartupInfoW
GetProcAddress
CompareStringA
GetStartupInfoA
HeapFree
CreateMailslotW
GetCommandLineW
UnhandledExceptionFilter
GetVersionExA
VirtualQuery
LCMapStringW
HeapCreate
SetEnvironmentVariableA
FreeEnvironmentStringsW
HeapDestroy
VirtualFree
GetModuleFileNameW
HeapReAlloc
LCMapStringA
ExitProcess
FormatMessageA
lstrcmp
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsBadWritePtr
GetModuleHandleA
GetLastError
HeapSize
InitializeCriticalSection
GetCurrentThreadId
SetHandleCount
WriteFile
GetCommandLineA
GetLocaleInfoA
GetCurrentProcessId
GetModuleFileNameA
IsValidCodePage
GetCPInfo
VirtualFreeEx
GetTickCount
GetTimeZoneInformation
EnterCriticalSection
GetFileType
TlsAlloc
MultiByteToWideChar
RtlUnwind
GetEnvironmentStringsW
GetSystemTimeAsFileTime
InterlockedExchange
IsValidLocale
DeleteCriticalSection
CompareStringW
GetLocaleInfoW
WriteConsoleOutputAttribute
GetTimeFormatA

advapi32

LookupPrivilegeValueA
DuplicateToken
RegCreateKeyExW
CryptExportKey
RegDeleteKeyW
CryptSetProvParam
RegConnectRegistryW
StartServiceA
CryptSetProviderExW

comdlg32

PageSetupDlgW
GetOpenFileNameA
ChooseFontW
ChooseColorW
PageSetupDlgA
ChooseColorA
GetFileTitleW
ReplaceTextA

user32

RegisterDeviceNotificationW
GetWindowModuleFileNameA
PostThreadMessageA
VkKeyScanExA
GetDesktopWindow
DialogBoxIndirectParamW
DispatchMessageA
IsIconic
GetKBCodePage
NotifyWinEvent

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099e4fd1800dc94124834f5eab9aa841

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

user32

Sections

.text Size: 197KB - Virtual size: 196KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 197KB - Virtual size: 196KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 8KB - Virtual size: 8KB