3383ff93a61864270181c6149a36c6b6_JaffaCakes118

General

Target

3383ff93a61864270181c6149a36c6b6_JaffaCakes118
Size

4.0MB
MD5

3383ff93a61864270181c6149a36c6b6
SHA1

2a95d594159b53c448bae5a8882a05398041c05d
SHA256

6787a0800be339b8b6db63fe4b0cbbd68b69c736aecd45c4a85b2f02eb3e57d3
SHA512

1e13f0095788b864ceff9ec9aa5c7d69389fb64738f41ea2417b44dcc486897c712682fe6f53b668778e7a33f3be16a0860bb97eea68c1d43ffe47f34945ff85
SSDEEP

6144:hJBoFM5amgDhFbeq2OCoCdcnLsVOfHKjl+Ryxekhy:uM5a3bJ2OCJ6noV6qh+Ryxekh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3383ff93a61864270181c6149a36c6b6_JaffaCakes118

Files

3383ff93a61864270181c6149a36c6b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

605550acb84f5d13d08094db2ec7ed51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetLastError
LoadLibraryExW
VirtualAlloc
Sleep
OutputDebugStringW
LoadLibraryW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetSystemDirectoryA
GetSystemDirectoryW
GetProcAddress
GetLogicalDrives
GetDriveTypeW
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileW
FindClose
CloseHandle
HeapFree
GetProcessHeap
GetModuleHandleA
GetLocalTime
WriteFile
SetFilePointer
ExpandEnvironmentStringsW
GetEnvironmentVariableW
HeapAlloc
CreateFileW
DeviceIoControl
CreateThread
WaitForSingleObject
ExitThread
SetLastError

user32

LoadCursorA

gdi32

GdiFlush
CancelDC
DeleteEnhMetaFile
GdiGetBatchLimit
CreateHalftonePalette
CreateMetaFileA
DeleteColorSpace
DeleteDC
CloseFigure
BeginPath
AddFontResourceW
CreatePatternBrush
AddFontResourceA
CreateCompatibleDC
CloseMetaFile
CloseEnhMetaFile
AbortPath
DeleteMetaFile
AbortDoc
CreateSolidBrush
CreateMetaFileW
GetEnhMetaFileW

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605550acb84f5d13d08094db2ec7ed51

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB