3ede5083dab57c79b7d5915129e98b86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ede5083dab57c79b7d5915129e98b86_JaffaCakes118
Size

3.2MB
MD5

3ede5083dab57c79b7d5915129e98b86
SHA1

eeec3dedaacee01e23fe9e07d933348b1a504594
SHA256

5a10fba96c60a279b77518339e57e6ba007a00d47ba4875e498e66de04ad859f
SHA512

aacc47241a73196304d516b56ee12044f5a157ddadae843cab195c5eca1440fdf4b9bd8fbfe34658bb0a5782115b2072c1af754af177465afbab90c4dcff61cd
SSDEEP

24576:8ZlLE7Td9NP+lbVMS7NSRKShAjBZfCL1KKH:8M7tyVz7c1+WlH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ede5083dab57c79b7d5915129e98b86_JaffaCakes118

Files

3ede5083dab57c79b7d5915129e98b86_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6b465e1f21385964c7ba9b806f791cca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
RaiseException
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
HeapFree
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
GetCommandLineW
GetConsoleWindow
GetStringTypeW
GetUserDefaultLCID
CompareStringW
RemoveDirectoryW
OutputDebugStringW
GetModuleHandleW
CreateWaitableTimerW
FileTimeToLocalFileTime
TransmitCommChar
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
VirtualAlloc
TlsSetValue
GlobalLock

userenv

LeaveCriticalPolicySection

user32

SetCapture
ReleaseCapture
MsgWaitForMultipleObjects
GetSystemMetrics
LoadMenuW
DeleteMenu
TrackPopupMenu
GetMenuItemInfoW
DrawIcon
GetScrollPos
AdjustWindowRect
SetParent
FindWindowExW
GetTopWindow
GetWindow
DrawIconEx
GetKeyboardType
SetFocus
CharPrevW
GetDialogBaseUnits
CheckDlgButton
DialogBoxParamW
BeginDeferWindowPos
SetWindowPlacement
CreateWindowExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
ReplyMessage
PeekMessageW
TranslateMessage

crypt32

CryptDecodeObject
CryptMsgUpdate
CryptMsgGetParam
CertEnumCertificatesInStore
CertFreeCertificateContext
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertGetEnhancedKeyUsage
CertGetPublicKeyLength
CertVerifyTimeValidity
CryptExportPublicKeyInfo
CryptExportPKCS8
CryptQueryObject
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CryptFindOIDInfo

winscard

SCardListReadersW

ole32

CLSIDFromProgID

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 847KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.noglhe
Size: 674KB - Virtual size: 673KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i6rf
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5khrs
Size: 518KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.6et2rp
Size: 651KB - Virtual size: 651KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b465e1f21385964c7ba9b806f791cca

Headers

File Characteristics

Imports

kernel32

userenv

user32

crypt32

winscard

ole32

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 847KB - Virtual size: 7.7MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.noglhe Size: 674KB - Virtual size: 673KB

.i6rf Size: 136KB - Virtual size: 136KB

.5khrs Size: 518KB - Virtual size: 518KB

.6et2rp Size: 651KB - Virtual size: 651KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 847KB - Virtual size: 7.7MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.noglhe
Size: 674KB - Virtual size: 673KB

.i6rf
Size: 136KB - Virtual size: 136KB

.5khrs
Size: 518KB - Virtual size: 518KB

.6et2rp
Size: 651KB - Virtual size: 651KB

.rsrc
Size: 362KB - Virtual size: 362KB