fbf8d032fde86033a87ad7ff1a1eb1be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fbf8d032fde86033a87ad7ff1a1eb1be_JaffaCakes118
Size

427KB
MD5

fbf8d032fde86033a87ad7ff1a1eb1be
SHA1

f1535897f521a5e82e58dc25ff7f6441bcfe3aa7
SHA256

57fc066ed4b0d7000427e0f9982ca238aa3fe378f307c51a88e8a09423b9c0f2
SHA512

0092dd8ad2b458216c7d6034e3a793404acd75340d656eabb533a2009697f16312cb28fe7f2a929b7fac1b91e12a2fca5f4a1b2342201772b7f54465b9847773
SSDEEP

12288:JgnUVgkue6LsDxcjow6FhJFmVVErWm9EkN0+mZ:IO6L996f9Eku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack003/PaymentAdvice.exe

resource
unpack003/PaymentAdvice.exe

Files

fbf8d032fde86033a87ad7ff1a1eb1be_JaffaCakes118
.eml
email-html-2.txt
email-plain-1.txt
primary.eml
.eml
Payment Advice.cab
.cab
PaymentAdvice.exe
.exe windows:6 windows x86 arch:x86

79bcb07d7acd978f9ca84095c744e3ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
free
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
memset
realloc
malloc
__p__commode

kernel32

CloseHandle
VirtualProtect
EnumLanguageGroupLocalesW
GetModuleHandleW
GetStartupInfoW
WriteFile
CreateFileW

user32

LoadCursorW
GetClientRect
InvalidateRect
EndPaint
BeginPaint
DestroyWindow
PostQuitMessage
DefWindowProcW
DispatchMessageW
TranslateMessage
AppendMenuW
GetSysColorBrush
CreateMenu
SetMenu
CreateWindowExW
RegisterClassExW
RegisterClassW
ReleaseDC
GetDC
GetMessageW

gdi32

GetDIBits
GetPixel
LineTo
SelectObject
SetPixel
GetObjectW
ExtFloodFill
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetBkColor
SetROP2
DeleteObject
ExtTextOutW
MoveToEx
CreateSolidBrush

comdlg32

GetOpenFileNameW
ChooseColorW

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-html-1.txt
.html

Sharing

General

Malware Config

Signatures

Files

79bcb07d7acd978f9ca84095c744e3ba

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB