3b324801f2541629acc8e336087c93e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b324801f2541629acc8e336087c93e8_JaffaCakes118
Size

332KB
MD5

3b324801f2541629acc8e336087c93e8
SHA1

2e658ba477349e6d012ab2819680c680d436923e
SHA256

3d461b6e108893ccb772c828bcb9f31c8a822c2135716ba432bab768cb40f3dd
SHA512

964ce1116350c66f082fc45cfa1995189a340a9729cb1067df75ae9d2bea4242b42a116ae4e9f3ecd7fec81d8989c9bc0a3eba276c6b71274e2d6f18ddcaf59c
SSDEEP

6144:A0fVIevO5johgrZLJa7vvtsQ9RYo9PzyHeD9x1psqgYOx+:A09IeWlTa7Hi2uaPzyM1Cq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b324801f2541629acc8e336087c93e8_JaffaCakes118

Files

3b324801f2541629acc8e336087c93e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13c77b0bc742123b32596ffcee1c09b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCommModemStatus
GetConsoleCursorInfo
GetLargestConsoleWindowSize
LocalLock
CloseHandle
GetOverlappedResult
SetCommTimeouts
QueryDosDeviceA
EnumResourceNamesA
GetDriveTypeA
DeleteFiber
GetTempPathW
_llseek
VirtualProtect
GetDateFormatA
FlushConsoleInputBuffer
EnumCalendarInfoW
GlobalFree
ReleaseSemaphore
LocalReAlloc
OpenSemaphoreW
LocalFileTimeToFileTime
CreateDirectoryW
GetCommandLineW
GetNumberFormatW
SetConsoleMode
PrepareTape
SetFileTime
IsBadWritePtr
FreeLibraryAndExitThread
EnumResourceNamesW
CreateNamedPipeW
SetConsoleWindowInfo
CreateDirectoryExA
GetEnvironmentVariableW
CreateDirectoryA
GetPrivateProfileSectionW
VirtualLock
CreatePipe
EnumDateFormatsW
ScrollConsoleScreenBufferA
ReadConsoleInputW
EraseTape
GetPrivateProfileStringA
OpenFile
GetProfileStringA
GetStartupInfoA
RemoveDirectoryA
GetFileType
IsDBCSLeadByteEx
GlobalGetAtomNameW
SuspendThread
FindFirstFileW
CreateMutexA
GetSystemTimeAdjustment
FindFirstFileExW
MultiByteToWideChar
GetBinaryTypeA
CreateIoCompletionPort
GenerateConsoleCtrlEvent
GlobalUnlock
SetVolumeLabelA
lstrcpynA
SetThreadLocale
GetVersion
IsValidLocale
ReadConsoleOutputA
lstrcmpA
lstrcmpiW
PeekNamedPipe
EnumResourceLanguagesW
DosDateTimeToFileTime
SetThreadAffinityMask
CompareStringW
ReadFileScatter
ReadConsoleA
RemoveDirectoryW
GetSystemDefaultLangID
WriteProcessMemory
GetOEMCP
CreateFileW
GetDiskFreeSpaceW
_lclose
ClearCommBreak
GlobalFindAtomA
WritePrivateProfileStringW
GetCommandLineA
VirtualAlloc
OpenMutexA
ExitProcess

user32

DefMDIChildProcW
EnumDisplayDevicesW
ToAscii
SetWindowLongW
PostQuitMessage
EnumChildWindows
EnumDisplaySettingsExW
PostMessageW
OpenWindowStationW
GetClassInfoExW
CharPrevA
LoadBitmapW
CreateDialogIndirectParamA

gdi32

SetViewportOrgEx
GetGlyphOutlineA
EnumFontFamiliesW

comdlg32

ChooseColorA
GetFileTitleW
PrintDlgW

advapi32

AbortSystemShutdownW
OpenSCManagerA
GetSidIdentifierAuthority
SetSecurityDescriptorOwner
StartServiceW
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
SetEntriesInAclA
CryptSetHashParam
RegUnLoadKeyA
GetSecurityDescriptorSacl
CryptVerifySignatureA
InitializeSecurityDescriptor
GetSidSubAuthorityCount
GetSecurityDescriptorDacl
LookupPrivilegeDisplayNameA
ImpersonateLoggedOnUser
CloseServiceHandle
CryptGetUserKey
BuildTrusteeWithSidW
MakeAbsoluteSD
CopySid
GetUserNameA

shell32

FindExecutableA
SHGetDesktopFolder
DragQueryPoint
FindExecutableW

ole32

StgOpenStorage
OleSetClipboard
OleIsRunning
OleFlushClipboard
OleInitialize
IIDFromString
StringFromGUID2
CoGetClassObject

oleaut32

SafeArrayGetElement
SafeArrayGetLBound
SetErrorInfo
QueryPathOfRegTypeLi
VariantCopy

comctl32

ImageList_GetIconSize
ImageList_Draw
ImageList_Merge
PropertySheetA

shlwapi

StrChrIW
PathFindFileNameA
SHCreateStreamOnFileW
SHRegGetBoolUSValueW
PathRemoveBackslashW
PathCanonicalizeA
StrChrIA
StrCmpW
PathGetDriveNumberW
PathIsFileSpecW

Sections

megss
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

mumkmo
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ywwwwq
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qmiai
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13c77b0bc742123b32596ffcee1c09b5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

megss Size: 4KB - Virtual size: 2KB

mumkmo Size: 8KB - Virtual size: 4KB

ywwwwq Size: 280KB - Virtual size: 279KB

qmiai Size: 36KB - Virtual size: 35KB

megss
Size: 4KB - Virtual size: 2KB

mumkmo
Size: 8KB - Virtual size: 4KB

ywwwwq
Size: 280KB - Virtual size: 279KB

qmiai
Size: 36KB - Virtual size: 35KB