3b38077c0e1056843c1b883b78d65f58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b38077c0e1056843c1b883b78d65f58_JaffaCakes118
Size

118KB
MD5

3b38077c0e1056843c1b883b78d65f58
SHA1

9a08f7436ded462194e76d0b5f17a694dbd267e4
SHA256

b483bb6284056a4cbbc62263913b9785fa05eb2c53189cdd85f2bc46b5c4931c
SHA512

1eb665008d8f6ec69756d2e6cb97106157ff3ee145f5df06219d15c5c10e8387e1198ed55398b0bbf35013573215c4943e2e33ecd87c41968d4607e0fae504de
SSDEEP

1536:wwGNePzwfGUh6aJbp9PtYJzTiWzlMnX5j/RdO5kGsnQQMVha7GWI8:hGN/GUoKp9P+Tlzl45yOGsn6VAa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b38077c0e1056843c1b883b78d65f58_JaffaCakes118

Files

3b38077c0e1056843c1b883b78d65f58_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c93a22261f3488d1b2b094f3cb8738d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlInitCodePageTable
NtQueryVolumeInformationFile
RtlDestroyHeap
_allrem
CsrClientCallServer
NtMapViewOfSection
RtlUnicodeStringToOemSize
NtTestAlert
qsort
RtlValidSecurityDescriptor
ispunct
RtlTimeToSecondsSince1970
NtQueryDefaultLocale
RtlInitializeCriticalSection
NtTerminateThread

kernel32

PulseEvent
CompareFileTime
_lwrite
SetLocalTime
SetConsoleWindowInfo
AllocConsole
GetNumberOfConsoleMouseButtons
VirtualAlloc
GetAtomNameA
CopyFileA
OutputDebugStringA
SetProcessShutdownParameters
GetDiskFreeSpaceExW
CommConfigDialogA
PeekConsoleInputW
GetModuleHandleW
SetConsoleCursorPosition
GetVersion
HeapLock
UnlockFileEx
GetEnvironmentVariableA
GetSystemDirectoryW
FreeEnvironmentStringsA
GetCurrentThread
UpdateResourceW
ExitProcess
SetStdHandle
GetFileAttributesA
FreeConsole

gdi32

GdiEntry15
PolylineTo
EqualRgn
GdiGetLocalBrush
CreateFontW
RemoveFontResourceTracking
StartDocA
GetTextCharacterExtra
SetBkColor
GetObjectType
GetTextAlign
GetTextCharset
GdiCleanCacheDC
GetTextExtentPoint32W
SaveDC
GetAspectRatioFilterEx
GetPixel
GetSystemPaletteUse
ChoosePixelFormat
GetNearestPaletteIndex
GdiInitSpool
EnumFontFamiliesExA
DeleteDC
GetEnhMetaFilePaletteEntries
GetTextFaceA
GetCharWidthFloatW
GetTextFaceW
GetCharWidthFloatA
CopyMetaFileA
DeleteColorSpace
GetMetaRgn
GetViewportExtEx
CreateColorSpaceA
GetTextColor

ole32

CreatePointerMoniker
OleCreateFromDataEx
WdtpInterfacePointer_UserUnmarshal
OleQueryLinkFromData
IIDFromString
HMETAFILE_UserMarshal
OleConvertIStorageToOLESTREAMEx
CoGetInstanceFromIStorage
ReadOleStg
CoMarshalInterThreadInterfaceInStream
CoGetClassObject
HBITMAP_UserFree
STGMEDIUM_UserFree
CoLockObjectExternal
IsValidPtrIn
CoRevokeMallocSpy
OleSetContainedObject
OleIsRunning
CLIPFORMAT_UserMarshal
WriteClassStg
StringFromIID
OleSetClipboard
CoRegisterChannelHook
HACCEL_UserSize
OleFlushClipboard
HMETAFILE_UserFree
CoMarshalInterface
CoBuildVersion
CoRevertToSelf
CoMarshalHresult
WdtpInterfacePointer_UserSize
HBRUSH_UserSize
OleLockRunning
OleNoteObjectVisible
CoLoadLibrary
WdtpInterfacePointer_UserMarshal
OleGetAutoConvert

user32

RegisterSystemThread
GetClipboardViewer
CharToOemA
DestroyMenu
TranslateMDISysAccel
DdePostAdvise
MessageBoxW
IsCharAlphaA
GetClassInfoExW
CreateIconFromResource

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c93a22261f3488d1b2b094f3cb8738d

Headers

File Characteristics

Imports

ntdll

kernel32

gdi32

ole32

user32

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 66KB - Virtual size: 184KB

.adata Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 66KB - Virtual size: 184KB

.adata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB