3ae872987672dcefd77350db7c7d1336_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ae872987672dcefd77350db7c7d1336_JaffaCakes118
Size

499KB
MD5

3ae872987672dcefd77350db7c7d1336
SHA1

7348e819437ff2c375e6c7d7decf06a2487ebb4c
SHA256

a4774c56aa303a1f2b08af853a48cfcb4bce40e5888a53ead90f31bd12e43c32
SHA512

90a7f438f9aad7bca10bc20d2b6cea155a9c4a7d1bd4741753bbde1f46beaedcbea15b707d21d64a0528d67359d649de3b574e0634f70574254482c28921b37b
SSDEEP

12288:NRsmDuDY29DZAWjKTHAX6X5eESzTERX5T/:N6maDY291mgXA5eESzo5t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ae872987672dcefd77350db7c7d1336_JaffaCakes118

Files

3ae872987672dcefd77350db7c7d1336_JaffaCakes118
.exe windows:4 windows x86 arch:x86

006b1ce33b8037b12a3cba2d4f9c5f6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eda\o

Imports

kernel32

CompareStringW
GetLocaleInfoA
GetEnvironmentStrings
GetSystemTimeAsFileTime
LoadLibraryA
HeapAlloc
GetStringTypeA
LCMapStringW
GetCPInfo
SetFilePointer
TlsAlloc
GetModuleHandleA
GetVersionExA
TlsSetValue
CompareStringA
WideCharToMultiByte
TerminateProcess
GetDateFormatA
SetLastError
GetFileType
IsValidCodePage
InterlockedExchange
MoveFileExW
VirtualQuery
GetProfileStringA
OpenMutexA
GetEnvironmentStringsW
CloseHandle
GetOEMCP
SetEnvironmentVariableA
GetCurrentThread
GetStringTypeW
GetTimeFormatA
FreeEnvironmentStringsW
DeleteCriticalSection
VirtualProtect
GetCurrentProcessId
HeapReAlloc
HeapFree
RtlUnwind
FlushFileBuffers
GetLocaleInfoW
GetTimeZoneInformation
HeapSize
GetFullPathNameA
LeaveCriticalSection
CreateMutexA
VirtualAlloc
GetTickCount
EnumSystemLocalesA
UnhandledExceptionFilter
IsValidLocale
QueryPerformanceCounter
VirtualFree
GetCurrentThreadId
ExitProcess
TlsFree
HeapDestroy
ReadFile
GetStartupInfoA
InitializeCriticalSection
GetUserDefaultLCID
GetStdHandle
SetHandleCount
GetCommandLineA
MultiByteToWideChar
GetCurrentProcess
FreeEnvironmentStringsA
GetACP
GetSystemInfo
GetProcAddress
LCMapStringA
SetStdHandle
WritePrivateProfileStringA
EnterCriticalSection
WriteFile
IsBadWritePtr
GetModuleFileNameA
GetLastError
TlsGetValue
HeapCreate

comctl32

InitCommonControlsEx

wininet

InternetGetConnectedStateEx
FindFirstUrlCacheEntryExW

gdi32

ExtEscape
StartDocW
GetEnhMetaFileBits
GetClipBox
CreateDIBPatternBrush
SetTextCharacterExtra
GetTextMetricsA
FrameRgn
SetTextColor
GetBoundsRect
GetObjectA
CreateHatchBrush
GetEnhMetaFileDescriptionW

shell32

SHInvokePrinterCommandA
SHGetInstanceExplorer
SHLoadInProc

user32

RegisterClassA
SetMenuItemInfoW
ClipCursor
GetNextDlgTabItem
EnumPropsW
ShowWindow
SetPropA
CreateWindowExA
RegisterClassExA
MessageBoxA
CharLowerA

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

006b1ce33b8037b12a3cba2d4f9c5f6c

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

wininet

gdi32

shell32

user32

Sections

.text Size: 355KB - Virtual size: 355KB

.rdata Size: 19KB - Virtual size: 31KB

.data Size: 113KB - Virtual size: 112KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 355KB - Virtual size: 355KB

.rdata
Size: 19KB - Virtual size: 31KB

.data
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 10KB - Virtual size: 10KB