Static task: static1
Behavioral task: behavioral1
Sample: 3fe0716d5d37136a85b47c8f8965dfad_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 3fe0716d5d37136a85b47c8f8965dfad_JaffaCakes118.exe
Resource: win10v2004-20240426-en
General
Target: 3fe0716d5d37136a85b47c8f8965dfad_JaffaCakes118
Size: 2.5MB
MD5: 3fe0716d5d37136a85b47c8f8965dfad
SHA1: d7153dc3a5353ea1039ef6cc97fe31b4665c0ee0
SHA256: 80f6b5302a72aa32b6bf9c2131be9e6c25a5637723df045df0458e1ab18a7f7e
SHA512: b6ce82c25997d3adb78f58267fb9ce8c5c4f02fb616df4856f5388fc5329221bc2e21c5a6db2096497e78d69137374c5eb5d7f19610eefe4eb52eb2f9302c243
SSDEEP: 12288:YhdQMZbvCBUwtbmWdjNDoXTfWG5nhyTpTr1pirKaw6klISfSL2XhTGDZnXCEmB6P:Yhy8vcUwkAEu0yJrOYlISfy2tPlvcD9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3fe0716d5d37136a85b47c8f8965dfad_JaffaCakes118
Files
3fe0716d5d37136a85b47c8f8965dfad_JaffaCakes118.exe windows:5 windows x86 arch:x86
8bf185529cb41f55056805e5837d6619
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
urlmon
CreateURLMoniker
user32
GetRegisteredRawInputDevices
CopyIcon
DrawIconEx
LoadCursorW
FindWindowW
EqualRect
IntersectRect
BeginPaint
GetMenuItemID
CreatePopupMenu
SetMenu
EndDialog
DialogBoxParamW
IsIconic
BeginDeferWindowPos
CreateWindowExW
RegisterClassExW
ExitWindowsEx
advapi32
RegOpenKeyExW
kernel32
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CreateFileW
HeapSize
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
LCMapStringW
FreeEnvironmentStringsW
GlobalAlloc
LocalFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetCommState
CompareFileTime
DosDateTimeToFileTime
lstrcmpiW
TlsAlloc
CreateEventW
GetModuleFileNameW
GetModuleHandleW
GetStartupInfoW
GetFileAttributesW
GetFileAttributesExW
GetOEMCP
MultiByteToWideChar
GetLocaleInfoW
EnumSystemGeoID
GetThreadLocale
GetUserDefaultLCID
GetStringTypeW
GetConsoleWindow
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
DeleteCriticalSection
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree
oleaut32
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantInit
VariantCopyInd
VariantChangeType
VarI4FromStr
VarR8FromStr
VarDateFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
VarBoolFromStr
VarNeg
VarNot
LoadTypeLi
SetErrorInfo
CreateErrorInfo
SysReAllocStringLen
SysStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2.4MB - Virtual size: 9.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ