3d57b5a8ac467767379237ec1fc3bd9e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3d57b5a8ac467767379237ec1fc3bd9e_JaffaCakes118
Size

1.5MB
MD5

3d57b5a8ac467767379237ec1fc3bd9e
SHA1

988fbb7582d2a5841f2bed5953d832dbdddc098e
SHA256

5408625002ccf15d52cecc3f875fa7e8d242582f76eb84f43dac627dc3307cb9
SHA512

18536e32814b155c91b56a52e6991bba0c4352aef6b470781eff88deb3a274e095124f3396755ea7d84dd01191af501e4b3f1070ccfa30d5fada2d6536beaa19
SSDEEP

24576:2ZmupMY4uSasxgGQ7F9K7+z65gLteW1l4Qjvor3sBiP:yjpMYhWQb/FsqorJP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d57b5a8ac467767379237ec1fc3bd9e_JaffaCakes118

Files

3d57b5a8ac467767379237ec1fc3bd9e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1ff321533a92a7fa0c460e5fefb7923c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
CreateSemaphoreW
LoadLibraryExW
CreateProcessW
CreateDirectoryW
GetFullPathNameW
CreateFileW
DeleteFileW
GetCPInfoExW
MultiByteToWideChar
GetStringTypeW
EnumLanguageGroupLocalesW
EnumSystemLocalesW
EnumSystemCodePagesW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
lstrcmpiW
HeapSize
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
GetSystemInfo
GetSystemTime
SetCommState
CloseHandle
WaitForMultipleObjects
GetLastError
GetCurrentThreadId
GetCurrentProcess
GetProcAddress
VirtualAlloc
GlobalFree
GlobalAlloc
LCMapStringW
GetCommandLineW
IsProcessorFeaturePresent
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
WriteConsoleW

winspool.drv

AddMonitorW

user32

SystemParametersInfoW
DrawIconEx
LoadCursorFromFileW
GetDesktopWindow
GetSysColorBrush
MessageBeep
GetPropW
GetScrollPos
EndPaint
GetDCEx
AllowSetForegroundWindow
SetForegroundWindow
GetMenuItemInfoW
TrackPopupMenuEx
GetSubMenu
DestroyMenu
SetMenu
LoadAcceleratorsW
MsgWaitForMultipleObjectsEx
CharLowerW
GetDlgItem
DialogBoxParamW
DeferWindowPos
BeginDeferWindowPos
GetWindowPlacement
DestroyWindow
SendMessageTimeoutW
TrackMouseEvent
GetKeyboardLayout

comctl32

ImageList_Read
CreateStatusWindowW
ImageList_GetImageInfo
ImageList_Write
ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_Replace
ImageList_Draw
ImageList_GetImageCount
ImageList_Create
PropertySheetW
DestroyPropertySheetPage

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bi2t
Size: 866KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ff321533a92a7fa0c460e5fefb7923c

Headers

File Characteristics

Imports

kernel32

winspool.drv

user32

comctl32

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 205KB - Virtual size: 205KB

.data Size: 4KB - Virtual size: 6.7MB

.bi2t Size: 866KB - Virtual size: 866KB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 205KB - Virtual size: 205KB

.data
Size: 4KB - Virtual size: 6.7MB

.bi2t
Size: 866KB - Virtual size: 866KB

.rsrc
Size: 362KB - Virtual size: 361KB