3adfc4fb7ea04691a935b3a10a58aeb2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3adfc4fb7ea04691a935b3a10a58aeb2_JaffaCakes118
Size

708KB
MD5

3adfc4fb7ea04691a935b3a10a58aeb2
SHA1

5756cb51627ab892bb43a80f58996d81a7a33db5
SHA256

e11c7711fabbe7ac6d1bf34d75baea43c80d2078fef6a0f1ee4924666e73920f
SHA512

e6749d5a6a35d8a5f898991f7496534fbdd29dd47aded1779128265ec1e46f6276bab7ebec00878c3aae9ac7b63261f592c087c3f672ad4ec3e0cd50aabc4f53
SSDEEP

12288:xPJWJr0R+gANr4QfqOzKnztKnrUHwUJ2fybJEIgvONTmTt3WH:xPJWJr0UzyNzt2cJ2fydEzmwJ3WH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3adfc4fb7ea04691a935b3a10a58aeb2_JaffaCakes118

Files

3adfc4fb7ea04691a935b3a10a58aeb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a369ffe491843266e7b5dbf840aeb5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
Sleep
MoveFileA
GetTempPathA
GetExitCodeThread
FileTimeToSystemTime
ReadFile
SetFilePointer
GetFileSize
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SystemTimeToFileTime
FindFirstFileA
GetTickCount
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FindNextFileA
FindClose
GetLogicalDriveStringsA
FindResourceA
SizeofResource
GetLocalTime
LoadResource
CopyFileA
SleepEx
GlobalAlloc
CreateFileA
WriteFile
CloseHandle
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetProcAddress
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
MultiByteToWideChar
RaiseException
WideCharToMultiByte
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
GlobalFree
FlushFileBuffers
LocalAlloc
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemTime
GetTimeZoneInformation
DeleteFileA
GetLastError
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
HeapFree
HeapAlloc

user32

GetWindowRect
GetDC
GetDesktopWindow
MessageBoxA
mouse_event
SetCursorPos
SendMessageA
IsWindow
OpenClipboard
GetCursorPos
CloseClipboard
DestroyWindow
GetClipboardData

gdi32

GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
GetDIBits

advapi32

RegSetValueExA
GetUserNameA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
VariantInit

ws2_32

connect
WSAStartup
htons
socket
WSAGetLastError
gethostbyname
send
closesocket
WSACleanup
recv

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

gdiplus

GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipFree
GdiplusStartup
GdipSaveImageToFile
GdipDisposeImage
GdipGetImageThumbnail
GdipLoadImageFromFile
GdipGetImageEncoders
GdipGetImageEncodersSize

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 604KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a369ffe491843266e7b5dbf840aeb5e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

avicap32

gdiplus

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 604KB - Virtual size: 602KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 604KB - Virtual size: 602KB