fca9013d62255b5b87dc424d9b31a374_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fca9013d62255b5b87dc424d9b31a374_JaffaCakes118
Size

258KB
MD5

fca9013d62255b5b87dc424d9b31a374
SHA1

cce3090b826160c88f4d3f8b31a0fc04f8f58391
SHA256

e63c3f646e605ded00258e02f7e8ac50ca438841ac85647db1aa0b89bc8cb104
SHA512

475083dec0264e63374be3e929319aa0238fb70226cb7ad6f7006341f4c6c84c243fe893b600434fbeba4b361ff37cc330b15ead3f9007671fbf537916f5e796
SSDEEP

6144:YDC0INoZFuGwPp8j3qB/ZS6sInxQg0AiKN4NYqA7pV:RCZFfj3iBEU8KN4NHA7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fca9013d62255b5b87dc424d9b31a374_JaffaCakes118

Files

fca9013d62255b5b87dc424d9b31a374_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac3f8dc1ff3b8887df3fb055841add16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrA
lstrcatW
WinExec
GetCurrentDirectoryA
GetDateFormatW
GetNumberFormatA
GetCurrentProcessId
GetProcAddress
GetLocalTime
CreateMailslotA
EnumTimeFormatsA
ReplaceFileW
FileTimeToDosDateTime
CreateMutexW
GetModuleFileNameA
CreateDirectoryA
EnumCalendarInfoW
BeginUpdateResourceW
LoadLibraryExA
GetLastError

user32

EndDialog
GetClassInfoW
RegisterWindowMessageA
GetAsyncKeyState
SetParent
GetWindowRgn
UnregisterClassA
CreateDesktopW
GetActiveWindow
GetForegroundWindow
SendDlgItemMessageW
CopyRect
GetMenuStringA
GetMenuItemInfoA
GetTopWindow
GetScrollPos
FindWindowW
GetFocus
GetMenuItemRect
LoadCursorW
GetDesktopWindow
RemoveMenu
WaitMessage
InsertMenuItemW
PeekMessageA
CopyIcon
MonitorFromRect
wvsprintfA
LoadCursorA
InsertMenuItemA
PostMessageA
UpdateLayeredWindow
LoadBitmapW
EnumWindows
CreateDialogIndirectParamA
CharPrevA
EndMenu

gdi32

CreateMetaFileW
DeleteObject
CreateFontIndirectA
CreateRectRgn
ExtCreateRegion
CreateSolidBrush
CreateFontA
CreateBrushIndirect
CreatePolygonRgn
CreateColorSpaceW
GetStockObject
CreateMetaFileA
GetEnhMetaFileW
CreateFontW
GdiGetBatchLimit

shell32

StrStrW
FreeIconList
StrCmpNW
StrRStrW
StrChrIA
Shell_NotifyIconA
SHBrowseForFolderW
Shell_NotifyIcon
SHGetSpecialFolderLocation
StrNCmpA
StrRStrA
ExtractIconExA
SHGetFolderPathW

oleaut32

VariantInit
SafeArrayUnlock
VarDateFromR8
SafeArrayPtrOfIndex
VarBoolFromUI1
VarI4FromUI1
VarCyAbs
VarR8FromCy
VarUI1FromCy
VarAnd

wininet

GetUrlCacheHeaderData
InternetWriteFileExA
FtpRemoveDirectoryW
ShowCertificate
GopherOpenFileA

crypt32

CryptRegisterOIDInfo
CertRegisterSystemStore
CryptSetOIDFunctionValue
I_CryptDisableLruOfEntries
CertFindSubjectInCTL
I_CryptCreateLruCache
CryptGetDefaultOIDFunctionAddress
CertCreateContext
CertSetStoreProperty
CryptSIPRetrieveSubjectGuidForCatalogFile
CertComparePublicKeyInfo

Sections

.MTW
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HK
Size: 512B - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rBfoN
Size: 2KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IYK
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QHY
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PQ
Size: 3KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.q
Size: 5KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mOC
Size: 4KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xLO
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SR
Size: 14KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac3f8dc1ff3b8887df3fb055841add16

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

oleaut32

wininet

crypt32

Sections

.MTW Size: 10KB - Virtual size: 9KB

.HK Size: 512B - Virtual size: 157KB

.rBfoN Size: 2KB - Virtual size: 80KB

.IYK Size: 89KB - Virtual size: 89KB

.QHY Size: 13KB - Virtual size: 13KB

.PQ Size: 3KB - Virtual size: 44KB

.q Size: 5KB - Virtual size: 379KB

.mOC Size: 4KB - Virtual size: 406KB

.xLO Size: 89KB - Virtual size: 88KB

.SR Size: 14KB - Virtual size: 384KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.MTW
Size: 10KB - Virtual size: 9KB

.HK
Size: 512B - Virtual size: 157KB

.rBfoN
Size: 2KB - Virtual size: 80KB

.IYK
Size: 89KB - Virtual size: 89KB

.QHY
Size: 13KB - Virtual size: 13KB

.PQ
Size: 3KB - Virtual size: 44KB

.q
Size: 5KB - Virtual size: 379KB

.mOC
Size: 4KB - Virtual size: 406KB

.xLO
Size: 89KB - Virtual size: 88KB

.SR
Size: 14KB - Virtual size: 384KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B