fefe5fc9d48b13dfb6c1a7fc0ea84308_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fefe5fc9d48b13dfb6c1a7fc0ea84308_JaffaCakes118
Size

279KB
MD5

fefe5fc9d48b13dfb6c1a7fc0ea84308
SHA1

9574613a12230ef6fb174f20e3458678a0d369e3
SHA256

95d7eb9127094a7570b17e08413e744deeb6e59ffee92cd123951b1656d71845
SHA512

97941c5c91050952f8b160e852ff82cf43cd46a70522689bac09c645acc70454aa2f9d53ff9d61f849255e2838753199a0d4b1154f82a18de4cd6e991501cc63
SSDEEP

6144:b4o46xZ+vqreyDNEH2seqjq8s6eh1JVYQONBqUPUjf0ggEhLZ+lDl:b06r99NbYjq8sbLJVYQNyZggEhQlD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fefe5fc9d48b13dfb6c1a7fc0ea84308_JaffaCakes118

Files

fefe5fc9d48b13dfb6c1a7fc0ea84308_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b25e6131652db656aeeeda822c2746a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateICW
SetBkColor
GetDeviceCaps
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC
SetTextColor
SetRectRgn
PatBlt
CombineRgn
LineTo
CreateFontIndirectW
TextOutW
CreatePen

msvcrt

_XcptFilter
__p__commode
srand
time
isdigit
__setusermatherr
_cexit
_c_exit

advapi32

RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegFlushKey

user32

TranslateAcceleratorW
GetSystemMetrics
GetSysColor
GetMenu
EnableMenuItem
EndDialog
IsIconic
DefWindowProcW
SetCursor
wsprintfW
LoadIconW
DialogBoxParamW
InvalidateRect
ShowWindow
SetTimer
CreateWindowExW
UpdateWindow
LoadBitmapW
LoadCursorW
PostMessageW
WinHelpW
MessageBeep

kernel32

GetTickCount
OpenThread
ConnectNamedPipe
CreateNamedPipeA
HeapSetInformation
HeapAlloc
GetStringTypeExA
lstrcpyA
GetSystemTimeAdjustment
SetThreadAffinityMask
GetCurrentDirectoryA
lstrcatA
GetUserDefaultUILanguage
SetLocaleInfoA
SetPriorityClass
GetQueuedCompletionStatus
GetThreadLocale
GetCurrentProcessId
lstrcpynA
GetFileTime
GetUserDefaultLCID
GetThreadSelectorEntry
HeapFree
RtlFillMemory
GetCurrentProcess
AssignProcessToJobObject
TransactNamedPipe
SetFilePointer
GetEnvironmentStringsA
GetUserDefaultLangID
DecodePointer
SetNamedPipeHandleState
UnmapViewOfFile
ConvertDefaultLocale
FreeEnvironmentStringsA
WaitForMultipleObjects
GetThreadIOPendingFlag
lstrlenA
HeapUnlock
SetThreadLocale
GetNamedPipeInfo
DosDateTimeToFileTime
EncodePointer
CreateFileMappingA
CloseHandle
GetSystemTimes
GetSystemDefaultLCID
MapViewOfFile
LeaveCriticalSection
HeapDestroy
InterlockedExchange
GetSystemTime
InterlockedFlushSList
VirtualAllocEx
GetThreadPriorityBoost
ReadFileEx
lstrlenW
HeapCreate
SetFirmwareEnvironmentVariableA
InitializeCriticalSection
InterlockedPushEntrySList
lstrcatW
OpenFileMappingA
HeapSummary
SetLastError
InterlockedCompareExchange
EnterCriticalSection
CreateIoCompletionPort
CreateFileA
GetSystemDefaultLangID
PostQueuedCompletionStatus
SetThreadUILanguage
GetFileAttributesA
ReadFile
WaitForMultipleObjectsEx
InterlockedPopEntrySList
HeapCompact
DisconnectNamedPipe
FileTimeToSystemTime
SetThreadPriorityBoost
WriteFileGather
SystemTimeToFileTime
SetFilePointerEx
GetSystemDefaultUILanguage

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b25e6131652db656aeeeda822c2746a

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

advapi32

user32

kernel32

Sections

.text Size: 187KB - Virtual size: 187KB

.data Size: 58KB - Virtual size: 57KB

.rsrc Size: 33KB - Virtual size: 564KB

.text
Size: 187KB - Virtual size: 187KB

.data
Size: 58KB - Virtual size: 57KB

.rsrc
Size: 33KB - Virtual size: 564KB