f3328dc5cef7512e283e33e4852d5cd3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3328dc5cef7512e283e33e4852d5cd3_JaffaCakes118
Size

488KB
MD5

f3328dc5cef7512e283e33e4852d5cd3
SHA1

49d1bdef9b3221e872a6d73a85b43810fa8e1297
SHA256

77efb5da07f42c45a34258c172ee4a63e425db1f2c4e9810d486911143b9c889
SHA512

f310f42a689099de3299a8825102cc0dd3bb67372f79c127f057a9f99fb945c9b6a08d35b0ed75040f5ab41a43ba07629e77862ef42b374d36665d4c0ae54833
SSDEEP

12288:tFTh5+jitdFcG9ln0Ruz0W7iq+4DCWNPqbZjz/:pzF1xum0vqhnSp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3328dc5cef7512e283e33e4852d5cd3_JaffaCakes118

Files

f3328dc5cef7512e283e33e4852d5cd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bd8155f556d8b8c0aa58bd716122c42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetKeySecurity
RegQueryMultipleValuesW
RegSetValueExW
RegDeleteValueA
RegEnumValueW
RevertToSelf
RegOpenKeyExW
RegCreateKeyW
CryptEnumProviderTypesW
CryptEnumProvidersA
CryptSetProvParam
RegLoadKeyW

user32

CreatePopupMenu
CreateMDIWindowW
IsDialogMessageW
LoadCursorW
ValidateRgn
ShowScrollBar
OffsetRect
DdeUninitialize
SetWindowRgn
MessageBoxExA
SetClipboardViewer
RegisterClassExA
DispatchMessageW
MonitorFromPoint
GetDlgItemTextA
BroadcastSystemMessage
OemToCharW
CallWindowProcA
GetAncestor
UnpackDDElParam

gdi32

GetTextFaceA
PlgBlt
GetSystemPaletteEntries
IntersectClipRect
CreateColorSpaceW
SetStretchBltMode
ScaleWindowExtEx
GetFontLanguageInfo
SetMagicColors
GetKerningPairsA
EnumFontFamiliesA
GetFontData
gdiPlaySpoolStream
RemoveFontResourceA
CreateColorSpaceA
GdiPlayDCScript
MaskBlt
SetColorSpace
SetArcDirection

shell32

SHGetFileInfoW
SHFileOperation
ShellAboutA
CheckEscapesW
ShellExecuteEx
DragQueryFileA
FindExecutableA
SHBrowseForFolderA
SHGetFileInfoA
RealShellExecuteW
RealShellExecuteExW
RealShellExecuteExA
SHGetDiskFreeSpaceA
SHGetFileInfo
SHFormatDrive

kernel32

FindResourceExA
GetStringTypeW
GetFullPathNameW
GetSystemTimeAsFileTime
GlobalUnlock
TlsGetValue
TlsSetValue
FreeEnvironmentStringsA
GetCurrentThread
GetCurrentThreadId
CreateMailslotA
WriteFile
CreateToolhelp32Snapshot
ExitProcess
IsBadWritePtr
LeaveCriticalSection
TlsAlloc
GetStdHandle
LockResource
GetCurrentProcessId
GetProfileStringW
GetVersion
DeleteCriticalSection
TlsFree
FoldStringW
SetLocalTime
EnumResourceTypesA
ReadConsoleInputW
GetCurrentProcess
HeapCreate
VirtualAlloc
ReadFile
FreeEnvironmentStringsW
HeapReAlloc
InterlockedExchange
UnhandledExceptionFilter
MultiByteToWideChar
TerminateProcess
GetModuleFileNameA
CreateFileW
GetModuleHandleA
GetEnvironmentStringsW
GetModuleFileNameW
HeapFree
CompareFileTime
SetConsoleScreenBufferSize
VirtualQuery
SetHandleCount
GetFileType
GetLastError
GetEnvironmentStrings
ReadConsoleOutputCharacterA
SetLastError
GetCommandLineA
HeapAlloc
GlobalAddAtomA
TransmitCommChar
GetProcAddress
EnumTimeFormatsW
SetConsoleCursorInfo
RtlUnwind
GetStartupInfoW
SetThreadIdealProcessor
EnterCriticalSection
GetCommandLineW
LoadLibraryA
GetStartupInfoA
GetTickCount
QueryPerformanceCounter
HeapDestroy
InitializeCriticalSection
VirtualFree

comdlg32

LoadAlterBitmap
ChooseFontA
GetFileTitleW
PageSetupDlgA
ReplaceTextA

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bd8155f556d8b8c0aa58bd716122c42

Headers

File Characteristics

Imports

advapi32

user32

gdi32

shell32

kernel32

comdlg32

Sections

.text Size: 212KB - Virtual size: 211KB

.data Size: 271KB - Virtual size: 271KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 212KB - Virtual size: 211KB

.data
Size: 271KB - Virtual size: 271KB

.rsrc
Size: 4KB - Virtual size: 3KB