3b129f967cdfbd313d26242da8d628c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b129f967cdfbd313d26242da8d628c1_JaffaCakes118
Size

96KB
MD5

3b129f967cdfbd313d26242da8d628c1
SHA1

5084322c8b7fb18c78658d8f39a8ef4f8d40868c
SHA256

f576761f058dea08ef648c1e845a7ba21935194b14a27fe4a3f33c135fd36465
SHA512

95a5cc8db48d7450be4f11e70b8bc2bb7103c2d555eb18e6f586adbc5fc85b8c26a2771f2a9da0eeeb0eeaa76e5f1b2fd875c82d8a563e8e8c7d2d3219ffeb09
SSDEEP

1536:Sal8wc65UjUvBEgct5p4mSKytTWuHQy3kSam09J6lnTCD/aKm:SHb65UjUJut5pR3CWHy3kSRWJyCTZm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b129f967cdfbd313d26242da8d628c1_JaffaCakes118

Files

3b129f967cdfbd313d26242da8d628c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c8a2514781a382e265b03d5663308e9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
__p__fmode
__set_app_type
memmove
_except_handler3
_mbsnextc
setlocale
_mbsdec
strchr
_XcptFilter
_exit
_c_exit
sprintf
atoi
_mbsinc
_mbsrchr
_mbsicmp
_mbschr
printf
__p__commode
_mbslen
_mbsnicmp
_mbsncmp
_ismbblead
sscanf
_mbctolower
_controlfp
__lconv_init
exit

advapi32

RegOpenKeyExA
RegCloseKey
LookupAccountNameW
GetUserNameA
RegQueryValueExA

kernel32

EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
ExitProcess
DebugBreak
DeleteFileA
Sleep
HeapFree
HeapAlloc
GetProcessHeap
FreeLibrary
GetProcAddress
LoadLibraryA
SetLastError
SetConsoleCtrlHandler
GetModuleFileNameA
GetWindowsDirectoryA
GetModuleHandleA
FormatMessageA
LocalFree
GetFullPathNameA
IsDBCSLeadByte
FlushFileBuffers
CreateDirectoryA
ReadFile
SetFilePointer
CreateFileA
GetFileAttributesA
SetErrorMode
FindFirstFileA
GetLastError
FindClose
WriteFile
DeleteCriticalSection
GetVersionExA
InitializeCriticalSection
CloseHandle
CreateEventA
GetCurrentDirectoryA
GetEnvironmentStrings

setupapi

SetupOpenInfFileA
SetupOpenAppendInfFileA
SetupCloseInfFile
SetupFindNextLine
SetupGetStringFieldA
SetupFindFirstLineA

log

LogSetVerboseBitmap
LogDeleteOnNextInit
LogReInitA
LogIfA
LogDirectA
LogBegin
LogA
LogEnd
SuppressAllLogPopups

migism

IsmResumeSave
IsmSelectTransport
IsmRegisterTransport
IsmStartTransport
IsmTickProgressBar
IsmStartEtmModules
IsmSetEnvironmentFlag
IsmSetEnvironmentValue
IsmAddControlFile
IsmSetEnvironmentString
IsmSelectComponent
IsmSetEnvironmentData
IsmSetPlatform
IsmInitialize
IsmExecute
IsmSelectMasterGroup
IsmSave
IsmSetCancel
IsmCurrentlyExecuting
IsmSetTransportStorage
IsmTerminate

user32

MessageBoxA
CharLowerA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 70KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c8a2514781a382e265b03d5663308e9a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

setupapi

log

migism

user32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.edata Size: 70KB - Virtual size: 92KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB

.edata
Size: 70KB - Virtual size: 92KB