fb94b0a4ac7d7fff50a121024061222a_JaffaCakes118

General

Target

fb94b0a4ac7d7fff50a121024061222a_JaffaCakes118
Size

169KB
MD5

fb94b0a4ac7d7fff50a121024061222a
SHA1

be03b847836f1ca452bafaac0c872ef34eabbb80
SHA256

b6c63a936e101dc3784d42983eb6efe4f937ac735fbe5808898bf76334cdd290
SHA512

a3f443c8bd210229024bbce1b8cdacd42d26c7234d9ea1a210948b3b55e1aa21ad311744c9a438f5eda6e2a3924a0d0c42ddab78f723ff072352e43dd48df1b8
SSDEEP

3072:BbUL4+8zsVOIZ/rpMT66y0v8LNDZLuha5IUdrpjfWy9qK6PNWKvEoufZZn8X:Oy8lMtyW8LNlLuOIUTfWKqKuNrvEz+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb94b0a4ac7d7fff50a121024061222a_JaffaCakes118

Files

fb94b0a4ac7d7fff50a121024061222a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ceece3b22a5e30fc791ae9496454f4b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetFileInfoW

advapi32

RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoRegisterClassObject
CoTaskMemRealloc
CoCreateInstance
CoRevokeClassObject
CoUninitialize
StringFromCLSID

kernel32

FillConsoleOutputAttribute
GetCPInfo
GetLastError
lstrcmpiW
GlobalFree
GetACP
GetProcessWorkingSetSize
OutputDebugStringW
WideCharToMultiByte
InitializeCriticalSection
GetTickCount
FindClose
EnumResourceNamesW
lstrcpyW
lstrlenW
FreeEnvironmentStringsW
lstrcpyA
GlobalAlloc
MultiByteToWideChar
CreateFileMappingW
LockResource
GetModuleHandleW

psapi

GetProcessMemoryInfo

user32

KillTimer
DispatchMessageW
CharNextW
TranslateMessage
GetWindowLongA
CharUpperW
wsprintfW
PostThreadMessageW
GetDC
GetMessageW
SetTimer
UnregisterClassA

gdi32

GetOutlineTextMetricsW
DeleteObject
CreateFontIndirectW
SelectObject
GetTextMetricsW
AddFontResourceExW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceece3b22a5e30fc791ae9496454f4b5

Headers

File Characteristics

Imports

shell32

advapi32

ole32

kernel32

psapi

user32

gdi32

oleacc

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 62KB - Virtual size: 61KB

.isete Size: 1024B - Virtual size: 248KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 62KB - Virtual size: 61KB

.isete
Size: 1024B - Virtual size: 248KB