3aad95cf0d3eb42b8e4d13db9b541098_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3aad95cf0d3eb42b8e4d13db9b541098_JaffaCakes118
Size

3.0MB
MD5

3aad95cf0d3eb42b8e4d13db9b541098
SHA1

e6712f66384ab76e341f9dce9b43b114ebb0a9aa
SHA256

aa6b6d5127835ba80668f990a7f41cb88640c9282ff889aecae84cbe0a7c72bf
SHA512

9fd1ac00ffd0d07998f55ed37a96e201de1468ebacbf1b1c7aa5eecfed376355070f750da3b066c2f343106eef0e4753f18a595cb79f4f982c43297aa409eb21
SSDEEP

49152:Wu/Uyd1CEnsF3p0IpeKrP3hnLjlsmLCgOYhbu4KikcjzylUT11OsXE834oORZKDG:plHsU5KrvFL9ugOqb+kjrOsXBTKZK6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aad95cf0d3eb42b8e4d13db9b541098_JaffaCakes118

Files

3aad95cf0d3eb42b8e4d13db9b541098_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00afedb5ec2b87e8ead906637fd195d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
WinExec
DeviceIoControl
GetVersion
CreateDirectoryA
DeleteFileA
GetTempFileNameA
GetStdHandle
ReadFile
WriteFile
SetEndOfFile
SetFilePointer
GetFileAttributesA
SetFileAttributesA
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
SetVolumeLabelA
FindFirstFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetDriveTypeA
GetLocaleInfoA
WriteProfileStringA
HeapDestroy
InitializeCriticalSection
GetCurrentProcess
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
CreateFileA
CloseHandle
GetLastError
lstrlenA
MultiByteToWideChar
GetDiskFreeSpaceA
GetFullPathNameA
lstrcatA
GetTempPathA
SetCurrentDirectoryA
GetCommandLineA
GetCurrentThreadId
lstrcpyA
WideCharToMultiByte
GetModuleFileNameA
GetVersionExA
FlushFileBuffers
HeapSize
GetFileType
SetHandleCount
GetProcAddress
LCMapStringW
LCMapStringA
VirtualAlloc
VirtualFree
RaiseException
UnhandledExceptionFilter
HeapCreate
GetStartupInfoA
MoveFileA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
TerminateProcess
ExitProcess
HeapReAlloc
HeapAlloc
GetLogicalDrives
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
GetStringTypeA
GetStringTypeW
HeapFree
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA

user32

LoadStringA
TrackPopupMenu
CreatePopupMenu
GetMessageA
EndDialog
DialogBoxParamA
wsprintfA
GetDlgItem
DispatchMessageA
SetFocus
SendDlgItemMessageA
SetDlgItemInt
ReleaseCapture
MessageBoxA
GetDlgItemInt
IsWindow
ClientToScreen
ScreenToClient
GetCursorPos
GetParent
RegisterClassA
SetCursor
SetCapture
OemToCharBuffA
CharToOemBuffA
GetDesktopWindow
MoveWindow
DdeClientTransaction
DdeGetLastError
IsDialogMessageA
DdeDisconnect
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
PostMessageA
PostQuitMessage
DefWindowProcA
SendMessageA
IsDlgButtonChecked
EnableWindow
GetWindowTextA
CheckDlgButton
IsWindowEnabled
GetDlgItemTextA
DdeInitializeA
DdeFreeStringHandle
DdeCreateStringHandleA
DdeConnect
CallWindowProcA
SetWindowLongA
GetWindowLongA
GetWindowRect
SetWindowPos
SetDlgItemTextA
PeekMessageA
TranslateMessage
DestroyMenu
SetWindowTextA
DdeUninitialize

gdi32

GetStockObject

comdlg32

GetFileTitleA

advapi32

RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueA
RegCreateKeyA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 74KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00afedb5ec2b87e8ead906637fd195d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: - Virtual size: 94KB

.rdata Size: - Virtual size: 2KB

.data Size: - Virtual size: 35KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 8KB

.pklstb Size: 74KB - Virtual size: 90KB

.relo2 Size: 512B - Virtual size: 60B

.text
Size: - Virtual size: 94KB

.rdata
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 35KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 8KB

.pklstb
Size: 74KB - Virtual size: 90KB

.relo2
Size: 512B - Virtual size: 60B