3179f4a5451ac0332b8bb3671f572cb2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3179f4a5451ac0332b8bb3671f572cb2_JaffaCakes118
Size

45KB
MD5

3179f4a5451ac0332b8bb3671f572cb2
SHA1

0f3a6e3c0a97d8edda7b5d7b11068ab031f287a1
SHA256

6300ecbb3ef39d5ba02c2bab9c21c94556839398a6cb49f3dafefe1beb268643
SHA512

eb324f05402e2ecab0968932bb5c57032eb10d9140cebce59fdd6ca7e399fbca7f4eb07edc9298b845114459f3a2f33e7febd94764645044b5b14d3f5d6be7ee
SSDEEP

768:FgSfCS0A9RMFcfNv1f6oRnhPwIT1EWZGPCxsguGUfgBWLJZbrlj+TXngb:FgST5kENh6ofwKGu9uGU4aJBx+TXgb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3179f4a5451ac0332b8bb3671f572cb2_JaffaCakes118

Files

3179f4a5451ac0332b8bb3671f572cb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fc7e309314c78ca9ce7b17880ab3d78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscpy
memset
memmove
memcpy
_except_handler3
strrchr
_adjust_fdiv
_purecall
malloc
wcsncpy
free
_vsnprintf
wcslen
_initterm
_vsnwprintf
wcsrchr
wcscmp
_wcsnicmp
wcsncmp
_wcsicmp

kernel32

ExitProcess
ResumeThread
GetTickCount
CloseHandle
CreateFileA
InterlockedExchange
FreeEnvironmentStringsA
GetModuleHandleW
VirtualProtect
GetDiskFreeSpaceA
LoadLibraryA
FreeLibrary
GetModuleFileNameA
SetThreadAffinityMask
GetFileAttributesW
GetCurrentThreadId
FreeEnvironmentStringsW
CreateFileMappingA
TlsAlloc
GetProcessAffinityMask
VirtualAlloc
QueryPerformanceCounter
LoadLibraryW
FindFirstFileW
TlsGetValue
GetLastError
InterlockedDecrement
WaitForSingleObject
GetWindowsDirectoryW
RemoveDirectoryW
GetSystemTimeAsFileTime
ReadFile
GetLocalTime
UnmapViewOfFile
GetSystemTime
TlsSetValue
GetEnvironmentStringsW
TerminateProcess
UnhandledExceptionFilter
InterlockedIncrement
DeleteFileW
LocalAlloc
GetVersionExA
CreateDirectoryW
GetVersion
DeviceIoControl
WriteFile
SetThreadPriority
WideCharToMultiByte
GetEnvironmentStrings
GetProcessHeap
SetUnhandledExceptionFilter
FindNextFileW
CreateEventA
lstrlenW
LocalFree
InitializeCriticalSectionAndSpinCount
CreateFileW
MultiByteToWideChar
HeapFree
GlobalMemoryStatus
lstrlenA
FindClose
SetFileAttributesW
CopyFileW
OutputDebugStringA
InitializeCriticalSection
GetSystemInfo
EnterCriticalSection
GetModuleHandleA
DeleteCriticalSection
MapViewOfFile
SetEvent
VirtualFree
SetLastError
TlsFree
CreateThread
GetProcAddress
HeapAlloc
GetCurrentProcess
GetCurrentProcessId
Sleep
GetFileSize
LeaveCriticalSection

lz32

LZClose

advapi32

RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
GetSecurityDescriptorDacl
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
GetTraceEnableFlags
RegQueryValueExA
RegSetValueExA
RegDeleteValueW
RegSetKeySecurity
GetTraceLoggerHandle
RegCreateKeyExA
GetTraceEnableLevel
RegisterTraceGuidsW
SetNamedSecurityInfoW

ole32

StringFromCLSID
CoTaskMemFree
CLSIDFromString
CoCreateGuid

mscat32

CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext

winmm

auxSetVolume

Sections

.textbss
Size: 38KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3fc7e309314c78ca9ce7b17880ab3d78

Headers

File Characteristics

Imports

msvcrt

kernel32

lz32

advapi32

ole32

mscat32

winmm

Sections

.textbss Size: 38KB - Virtual size: 240KB

.text Size: 512B - Virtual size: 420B

.idata Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 72KB

.textbss
Size: 38KB - Virtual size: 240KB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 72KB