fdbb13ab3047f47d961b7bb814717b0c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fdbb13ab3047f47d961b7bb814717b0c_JaffaCakes118
Size

184KB
MD5

fdbb13ab3047f47d961b7bb814717b0c
SHA1

b9521309c9241b87867f1bc96d66cf5629f2543b
SHA256

7872d6bd81f83ae74492b5724bf9cbb69feacb37450cfc5269a719eb1caf0ce8
SHA512

2f6c5a69e4c0d43355ddfbe8e32dcb04ff9d0b12214f39ae53dbae87b1a2a7d4452de6832e7fbb286831c88660b8cbf80d6b1b46eeaa124b0ce49f4e0f8dbfa5
SSDEEP

3072:evX3OzJxnt5hxLqPFRs+eEDv0qv+CUqZiu034z3k29eFBtYV8HhC/u8t3uwL:efAVxeRnPtZR1zUgJVMhC3t+wL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdbb13ab3047f47d961b7bb814717b0c_JaffaCakes118

Files

fdbb13ab3047f47d961b7bb814717b0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca913b1334c7394b959785dec4fb524a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetDefaultContext
CoTaskMemAlloc
CoUninitialize
StringFromGUID2
CoInitialize
CoTaskMemFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

kernel32

FindClose
FindNextFileW
lstrlenW
GetCalendarInfoW
OutputDebugStringW
QueryDosDeviceW
GetCurrentDirectoryW
UnmapViewOfFile
UnhandledExceptionFilter
ExitProcess
FindFirstFileW
GetModuleHandleW
MapViewOfFile
GetCurrentProcess
IsWow64Process
GetLastError
ReleaseMutex
CreateDirectoryW
VirtualQuery
InterlockedCompareExchange
EncodePointer
QueryPerformanceCounter
WaitForSingleObject
GetModuleFileNameW
GetSystemTimeAsFileTime
EnterCriticalSection
OpenProcess
EnumResourceNamesA
GetLogicalDriveStringsW
SearchPathW
SetFileAttributesW
OutputDebugStringA
LoadLibraryW
MultiByteToWideChar
GetProcessId
DuplicateHandle
SetLastError
GetProcAddress
VirtualProtect
InitializeCriticalSection
GetCurrentThreadId
InterlockedExchange
GetFileAttributesW
CreateFileMappingW
WideCharToMultiByte
LocalAlloc
GetFileInformationByHandle
GetTickCount
SetUnhandledExceptionFilter
GetModuleHandleA
FreeLibrary
lstrcmpiW
LocalFree
GetFileSizeEx
Sleep
SetEnvironmentVariableW
CreateMutexW

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
EncryptFileW
DecryptFileW
RegEnumKeyW
RegCloseKey

shlwapi

SHRegGetValueW
PathIsUNCW
PathGetArgsW
StrDupW
PathSkipRootW
PathFindFileNameW

user32

AllowSetForegroundWindow
GetPropW
GetGUIThreadInfo
GetClassNameW
GetWindowThreadProcessId
GetForegroundWindow

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca913b1334c7394b959785dec4fb524a

Headers

File Characteristics

Imports

ole32

gdiplus

kernel32

advapi32

shlwapi

user32

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 74KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 74KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 248KB