3f75f80de5c8974ad02ab5997e765f85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f75f80de5c8974ad02ab5997e765f85_JaffaCakes118
Size

944KB
MD5

3f75f80de5c8974ad02ab5997e765f85
SHA1

9973f9ba29b17a598e6d9df19dafccd71d51bafb
SHA256

7120442c9386bdc79e820c89cb5905b416510dc044683b5ce1d7f2e20929cce4
SHA512

809e1e080e193eb1e0a016075143fbbd197fd3a20f2866e7b49b26e75bf66211eeb630462e6dc14cd8475546ae3290cdcf6bdeb7d6c7a336c33129341e801cc5
SSDEEP

12288:WUr4zSw6IBWjoyVqfNIOccpKYeMMWrLHpY3PI9B61bdHXC/dhnskdC+Ul15IKj7F:ZrMssNxccpdLx/dhs915Ig7x6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f75f80de5c8974ad02ab5997e765f85_JaffaCakes118

Files

3f75f80de5c8974ad02ab5997e765f85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

658096a5f44a15db29f6969f6335aa81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetFileSize
WriteFile
ReadFile
FlushFileBuffers
CreateFileA
DeleteFileA
MoveFileA
CreateDirectoryA
SetEndOfFile
ReleaseMutex
SetHandleCount
CloseHandle
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
GetDiskFreeSpaceA
GetTickCount
GlobalLock
GlobalFree
GlobalUnlock
GetWindowsDirectoryA
GetSystemDirectoryA
CreateMutexA
GetLastError
FindNextFileA
MultiByteToWideChar
FindFirstFileA
FindClose
lstrcpyA
lstrcatA
WinExec
OutputDebugStringA
lstrcpynA
GlobalAlloc
GetDriveTypeA
GetModuleFileNameA
RemoveDirectoryA
OpenFile
GetCPInfo
SetUnhandledExceptionFilter
GetStringTypeW
IsBadCodePtr
SetConsoleCtrlHandler
GetEnvironmentStringsW
GetStringTypeA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetFileType
LCMapStringW
UnhandledExceptionFilter
WideCharToMultiByte
VirtualAlloc
LCMapStringA
HeapCreate
SetStdHandle
VirtualFree
WaitForSingleObject
HeapFree
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
GetStdHandle
DebugBreak
HeapAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
HeapValidate
IsBadReadPtr
IsBadWritePtr
GetACP
GetOEMCP
RaiseException
HeapDestroy

user32

DispatchMessageA
SetFocus
wsprintfA
SetClipboardData
CloseClipboard
ShowWindow
MessageBoxA
FindWindowA
TranslateMessage
RegisterClassExA
PeekMessageA
PostQuitMessage
WindowFromPoint
GetCursorPos
ShowCursor
GetKeyState
GetFocus
ReleaseCapture
SetCapture
CreateCursor
SetCursor
GetAsyncKeyState
MapVirtualKeyA
InvalidateRect
BeginPaint
EndPaint
GetWindowRect
GetWindowLongA
DefWindowProcA
PostMessageA
LoadIconA
EmptyClipboard
GetClientRect
AdjustWindowRectEx
SetWindowPos
ScreenToClient
SetWindowTextA
ClientToScreen
CreateWindowExA
DestroyWindow
GetSystemMetrics
LoadCursorA
SetWindowLongA
DestroyCursor
ReleaseDC
ChangeDisplaySettingsA
GetDC
GetClipboardData
EnumDisplaySettingsA
OpenClipboard
SetClassLongA
LoadMenuA

gdi32

DeleteObject
RealizePalette
SelectPalette
Rectangle
SelectObject
GetStockObject
CreatePalette
GetPaletteEntries
SetPixel
LineTo
MoveToEx
CreatePen
CreateSolidBrush
SetDIBitsToDevice
UnrealizeObject
GetDeviceCaps

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 836KB - Virtual size: 834KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

658096a5f44a15db29f6969f6335aa81

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 836KB - Virtual size: 834KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 12KB - Virtual size: 42KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 24KB - Virtual size: 21KB

.text
Size: 836KB - Virtual size: 834KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 12KB - Virtual size: 42KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 24KB - Virtual size: 21KB