33c6bd3df72ae3c148001e761a6b8e29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33c6bd3df72ae3c148001e761a6b8e29_JaffaCakes118
Size

419KB
MD5

33c6bd3df72ae3c148001e761a6b8e29
SHA1

b9014fbc51ca75c950b635309b69eeaba9c14051
SHA256

d9038f3c069342ad3664a267a38334a93734d9f13e37503f3eb97349a4641d37
SHA512

542eeaea8f9403f25aadfcfbd2b1a6e52b70cdc9a0d73a727288c5de268f6caede1527c71978a11924ee435975fe63416c138152805b7ed36ec320bcaf3239ff
SSDEEP

12288:/wkvCVZstqNJby6tzAGwjDpkTr9KrCgGQzt8dwU:nCVZstqbbLBwjDpmwrRG2t8d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33c6bd3df72ae3c148001e761a6b8e29_JaffaCakes118

Files

33c6bd3df72ae3c148001e761a6b8e29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d33d6987de92d35be1d603b11b006275

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheGetDirA
SHGetPathFromIDListA

kernel32

GetStartupInfoA
TlsAlloc
GetLastError
TerminateProcess
GetFileType
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsW
VirtualQuery
TlsSetValue
WriteFile
GetCommandLineA
IsBadWritePtr
OpenEventA
WideCharToMultiByte
GetCurrentProcess
FreeEnvironmentStringsA
VirtualAlloc
HeapCreate
FindNextFileW
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
GetProcAddress
SetFilePointer
GetACP
FlushViewOfFile
RtlUnwind
GetEnvironmentStringsW
GetPrivateProfileStructW
GetStdHandle
GetCurrentProcessId
ExitProcess
LCMapStringA
HeapFree
SetEndOfFile
GetModuleFileNameA
GetProfileStringA
lstrcmpW
GlobalHandle
QueryPerformanceCounter
GetStringTypeA
FindResourceW
HeapAlloc
EnterCriticalSection
LoadLibraryA
TlsFree
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetCurrentThread
GetTickCount
GetCPInfo
GetPriorityClass
LeaveCriticalSection
GetModuleHandleA
LCMapStringW
HeapDestroy
GetCurrentThreadId
VirtualFree
InterlockedExchange
GetOEMCP
MultiByteToWideChar
LockFile
SetHandleCount
TlsGetValue
SetLastError
GetStringTypeW

advapi32

LookupSecurityDescriptorPartsW
ReportEventW
InitiateSystemShutdownA
CryptDestroyKey
RegEnumKeyExA
LookupAccountNameA
RegEnumKeyW
LookupPrivilegeDisplayNameA
CryptEnumProviderTypesW
CryptEncrypt
CryptVerifySignatureW
RegOpenKeyW
RegDeleteKeyA
RegSaveKeyA
CryptHashData

user32

DdeQueryConvInfo
GetMenuInfo
LoadBitmapW
CreateDesktopA
MapVirtualKeyW
SetCaretPos
CharUpperBuffA
DrawMenuBar
SetDlgItemTextW

comdlg32

GetOpenFileNameA
ReplaceTextA
PrintDlgW
GetSaveFileNameA

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d33d6987de92d35be1d603b11b006275

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 4KB - Virtual size: 28KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 4KB - Virtual size: 28KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 15KB - Virtual size: 14KB