3ac981d3542044d837dc1fcb7de1ec4b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ac981d3542044d837dc1fcb7de1ec4b_JaffaCakes118
Size

630KB
MD5

3ac981d3542044d837dc1fcb7de1ec4b
SHA1

e02989282cb573459610c6da8a764a9ee691935d
SHA256

7fd50e045115da8c9c0752d245db0b20eeb25ceaf22d120d82024630185350ab
SHA512

beff3059dfa5d6f6fd401b7eb15f282d0879cf15a8228a4ec47172c3f2f6dad174dc6af144335bb0eb5c2807a2d658089a18789c623dbc905fc321dd224d7150
SSDEEP

12288:2Zva6WQz6/XGJ22d28f+cFDjoHn5lFXLn2ppmrKhP8B5eDGZMtjgs9zintcX+WFh:2g6/z6/X222d28GcdjoHnFXL2ppM28Bp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ac981d3542044d837dc1fcb7de1ec4b_JaffaCakes118

Files

3ac981d3542044d837dc1fcb7de1ec4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88460382a00b056d65df9d211e66ba22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterHotKey
DestroyMenu
SetDlgItemInt
CreateDialogIndirectParamW
RegisterClassA
WaitForInputIdle
GetCursorPos
CharToOemBuffW
SetProcessDefaultLayout
EndDialog
MenuItemFromPoint
UnhookWinEvent
CopyAcceleratorTableW
LoadMenuIndirectW
GetKeyNameTextA
RegisterClassExA
SetCursor
DdeDisconnectList
SetShellWindow
IsMenu
GetKeyNameTextW
DdeGetLastError
GetMenuState
GetKeyboardLayoutList

wininet

GetUrlCacheEntryInfoExA
SetUrlCacheEntryGroupW
InternetTimeFromSystemTimeA
GopherFindFirstFileW

comctl32

InitCommonControlsEx

kernel32

GetCurrentThreadId
SetFilePointer
GetSystemTimeAsFileTime
SetEnvironmentVariableA
InterlockedIncrement
MoveFileA
GetOEMCP
GetACP
WriteConsoleA
TlsAlloc
IsDebuggerPresent
IsValidLocale
SetStdHandle
LoadLibraryA
GetStdHandle
TlsGetValue
OpenMutexA
GetProcAddress
ExitProcess
VirtualQuery
LCMapStringA
FreeLibrary
CreateMutexA
GetLocaleInfoW
GetStartupInfoW
SetLastError
LocalLock
SetHandleCount
GetConsoleOutputCP
HeapDestroy
GetConsoleMode
InterlockedDecrement
TlsFree
CompareStringA
GetCurrentProcess
GetCommandLineW
MultiByteToWideChar
GetCurrentThread
GetDateFormatA
LeaveCriticalSection
EnumSystemCodePagesA
GetEnvironmentStringsW
GetFileType
GetComputerNameA
CloseHandle
GetStringTypeA
DeleteCriticalSection
GetModuleFileNameW
GetCurrentProcessId
GetTimeZoneInformation
WriteFile
GetTickCount
GetCommandLineA
InterlockedExchange
Sleep
GetDateFormatW
GetModuleFileNameA
EnterCriticalSection
VirtualFree
HeapCreate
FreeEnvironmentStringsW
SetFileAttributesA
CompareStringW
GetStringTypeW
TlsSetValue
LCMapStringW
UnhandledExceptionFilter
RtlUnwind
WideCharToMultiByte
TerminateProcess
GetTimeFormatA
RemoveDirectoryA
GetModuleHandleW
IsBadWritePtr
GetLastError
SetLocaleInfoA
EnumSystemLocalesA
GetCPInfo
GetModuleHandleA
HeapFree
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
FlushFileBuffers
CreateFileA
CreatePipe
WriteProfileStringA
QueryPerformanceCounter
ReadConsoleOutputCharacterW
HeapReAlloc
GetLocaleInfoA
ReadFile
GetUserDefaultLCID
GetStartupInfoA
SuspendThread
lstrcmpA
GetConsoleCP
WriteConsoleW
GetFileAttributesExW
HeapAlloc
HeapSize
VirtualAlloc
IsValidCodePage

Sections

.text
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88460382a00b056d65df9d211e66ba22

Headers

File Characteristics

Imports

user32

wininet

comctl32

kernel32

Sections

.text Size: 285KB - Virtual size: 284KB

.rdata Size: 10KB - Virtual size: 18KB

.data Size: 322KB - Virtual size: 321KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 285KB - Virtual size: 284KB

.rdata
Size: 10KB - Virtual size: 18KB

.data
Size: 322KB - Virtual size: 321KB

.rsrc
Size: 12KB - Virtual size: 11KB