3867d59fb7fbdaa46196be774b3e0f13_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3867d59fb7fbdaa46196be774b3e0f13_JaffaCakes118
Size

360KB
MD5

3867d59fb7fbdaa46196be774b3e0f13
SHA1

04057cfae49c36abff71c16e0c4dd5d89fe2935a
SHA256

45951da259c212eeaa402350c83001db0fc5d645ad9ad876a3ec759f339ac90a
SHA512

d22757c1352b97bb51d98491a509218124f148ef71e069ea2ac179da9fa7a74aed190f4214dee7c363185169e336fa04ef3c9898af6f40fa60a8e385c4ef5fc4
SSDEEP

6144:IrROT8KEdT/J93T2rvJ6TIxwH/H2LXfr0e+zwFBUt+CuRf:j4KEdT/3T2rcewH/WLr0Lzo2tNuRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3867d59fb7fbdaa46196be774b3e0f13_JaffaCakes118

Files

3867d59fb7fbdaa46196be774b3e0f13_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a00bbb721075ddca1ecb401afab9c869

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetVolumePathNameW
GlobalAlloc
GetSystemDirectoryW
FreeConsole
GetSystemWindowsDirectoryA
DeleteVolumeMountPointW
LeaveCriticalSection
GetFileAttributesA
SetConsoleMode
Beep
GetTapePosition
WritePrivateProfileSectionW
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
ReplaceFileA
SetTapePosition
GetStdHandle
GetThreadLocale
GetProcAddress
GetLongPathNameA
CreateJobSet
GetDateFormatA
RemoveDirectoryA
RegisterWaitForSingleObject
CreateFileMappingA
LocalAlloc
WritePrivateProfileStringA
LockResource
FindNextFileA
WriteProfileStringA
GetModuleHandleA
VirtualProtect
GetConsoleCursorInfo
OpenSemaphoreW
EnumResourceLanguagesW
AreFileApisANSI
CommConfigDialogW
ReadConsoleW
ReadFile
SetEndOfFile
CreateFileW
WriteConsoleW
OutputDebugStringW
FlushFileBuffers
GetWindowsDirectoryA
ConvertFiberToThread
GetTickCount
GetCommProperties
FindFirstFileExW
FlushConsoleInputBuffer
FindCloseChangeNotification
InterlockedCompareExchange
HeapFree
CreateJobObjectW
WritePrivateProfileSectionA
lstrlenA
DebugActiveProcess
FreeResource
CreateMutexW
GetFileSize
FillConsoleOutputCharacterA
GetTempFileNameW
GetComputerNameA
ReadFileEx
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
GetCommandLineW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
HeapSize
CloseHandle
GetFileType
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
SetStdHandle

user32

GetMonitorInfoA
LoadCursorFromFileW
GetMenuInfo
SetMessageQueue
DefFrameProcW
SetParent

advapi32

RegEnumKeyExA
ConvertToAutoInheritPrivateObjectSecurity
RegConnectRegistryA
ReportEventW
ObjectPrivilegeAuditAlarmW
InitializeAcl
GetAce
PrivilegeCheck
AddAccessDeniedObjectAce
CreateServiceA
EqualSid
LookupAccountNameA
RegQueryMultipleValuesW
RegRestoreKeyW
DeleteAce
GetUserNameW
OpenEventLogW
RegSetValueA
LookupPrivilegeNameW

Exports

Exports

_MyFunc31@4

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a00bbb721075ddca1ecb401afab9c869

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 152KB - Virtual size: 306KB

.rsrc Size: 38KB - Virtual size: 37KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 152KB - Virtual size: 306KB

.rsrc
Size: 38KB - Virtual size: 37KB

.reloc
Size: 8KB - Virtual size: 7KB