fffb4e3298b2930b89b805e89c43d0bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fffb4e3298b2930b89b805e89c43d0bc_JaffaCakes118
Size

141KB
MD5

fffb4e3298b2930b89b805e89c43d0bc
SHA1

9b493d401a99273c1baa293b85ff48ffd2a79af4
SHA256

7e9240da8fcfd2c655550e7de0b77fc29e9f6517aa2905920f81121faf206dfc
SHA512

b7fda8d7a8d1ff7198ed28772c4259fbc4f5b4f50e0315d5e3fff0b27c4d352da8851cd10f60cd83b5a24a202e6dfbbadc6e7ba39ca3200be6d530aa0fba16e6
SSDEEP

3072:4E9hSjfR7uNmRKUG41aFgwR5l/6ynhYwJecIXHiFkRcOYnlZW:41fR7uNmRK2WLpqVc2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fffb4e3298b2930b89b805e89c43d0bc_JaffaCakes118

Files

fffb4e3298b2930b89b805e89c43d0bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

054fb8226fddbcc045230d1e424c61cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
GetTickCount
GetWindowsDirectoryW
GlobalFree
HeapDestroy
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryExA
LoadLibraryW
LocalFree
MapViewOfFile
OutputDebugStringW
GetTempFileNameW
SetEvent
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
lstrcpynW
VirtualAllocEx
CreateFileA
lstrcatA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
DeleteCriticalSection
CreateProcessW
CreateFileW
CloseHandle
CreateFileMappingW
QueryPerformanceCounter

user32

LoadIconW
LoadIconA
LoadCursorA
MessageBoxW
LoadStringW
LoadCursorW
GetWindowLongW
GetSysColorBrush
GetSysColor
GetParent
wsprintfW
GetDlgItem
FillRect
EndDialog
EnableWindow
DrawIconEx
DispatchMessageW
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
TranslateMessage
ShowWindow
SetWindowTextW
PostQuitMessage
SetWindowPos
SetWindowLongW
SetTimer
SetDlgItemTextW
SendMessageW
RegisterClassExW
GetMessageW

gdi32

SetTextColor
SetBkMode
SelectObject
Polyline
GetObjectW
CreatePen
GetStockObject
DeleteObject
CreateFontIndirectW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExA

shell32

ExtractIconExW
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shlwapi

PathFindFileNameW
StrCmpW
StrToIntW
PathQuoteSpacesW
SHDeleteKeyW
PathAppendW
PathRemoveFileSpecW

msvcrt

exit
system
strncpy
strncmp
_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_errno
_except_handler3
_exit
_initterm
_iob
_strnicmp
_vsnwprintf
_write
calloc
fclose
fflush
fgets
fopen
fprintf
fputc
fputs
free
getc
getenv
gmtime
isdigit
isspace
malloc
perror
printf
putc
putchar
sprintf
sscanf
strchr

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

054fb8226fddbcc045230d1e424c61cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 123KB - Virtual size: 122KB

.data Size: 512B - Virtual size: 164B

.rdata6 Size: 512B - Virtual size: 100B

.rdata5 Size: 512B - Virtual size: 100B

.rdata4 Size: 1024B - Virtual size: 1000B

.rdata3 Size: 1024B - Virtual size: 1000B

.rdata2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 123KB - Virtual size: 122KB

.data
Size: 512B - Virtual size: 164B

.rdata6
Size: 512B - Virtual size: 100B

.rdata5
Size: 512B - Virtual size: 100B

.rdata4
Size: 1024B - Virtual size: 1000B

.rdata3
Size: 1024B - Virtual size: 1000B

.rdata2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 12KB - Virtual size: 12KB