3a155bf6fe6e594e1a05243f0d02e27d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a155bf6fe6e594e1a05243f0d02e27d_JaffaCakes118
Size

347KB
MD5

3a155bf6fe6e594e1a05243f0d02e27d
SHA1

16cac1fc668f355cc3f4f61ec3c541c31b2b360e
SHA256

7a809e0f462f00f0cceae79c4555f87f8796ca3e779cffa3d26b0dfbf6fc5663
SHA512

7a28ffe7f327df72b2da645a7bf2b4bec1e610df8b5324e8bab3abff3212764c4540e505475515e489686e8c20f631c5df31c76ec0977f355c189530f866e5f1
SSDEEP

6144:8lPIqfhlWZ9EvaytVsbTHAN/Hv0QX+GqTrZyoEP91CLuO8FQ+ldUt3F2TN3:8lAqxvayvwTgNfv0Ql04x91fOmQedUZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a155bf6fe6e594e1a05243f0d02e27d_JaffaCakes118

Files

3a155bf6fe6e594e1a05243f0d02e27d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab31b23ea1b1d51df17c97c98b4506ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaLookupNames
RegCloseKey
RegCreateKeyExW
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
AccessCheck
RegOpenKeyExW

gdi32

EndDoc
CreateFontIndirectW

kernel32

ClearCommError
CloseHandle
CreateEventA
CreateFileA
CreateFileW
DeleteCriticalSection
EnterCriticalSection
EscapeCommFunction
FreeLibrary
GetCommConfig
GetCommModemStatus
GetCommProperties
GetCommState
GetCurrentProcess
GetDefaultCommConfigA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetProcAddress
GetSystemDirectoryA
GetThreadSelectorEntry
GetTickCount
GetTimeFormatA
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
PurgeComm
ReadFile
ReadFileEx
SetCommConfig
SetCommMask
SetCommState
SetCommTimeouts
SetEndOfFile
SetEvent
SetFilePointer
SetUnhandledExceptionFilter
SetupComm
Sleep
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
WaitForSingleObjectEx
WriteFile
WriteFileEx
lstrcatA
lstrcatW
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW
VirtualAlloc
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
GetCommandLineW
LoadResource
FindResourceA
CreateProcessW
ExpandEnvironmentStringsW
FlushInstructionCache
GetModuleFileNameA
GetModuleHandleW
GetProcessHeap
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
LocalAlloc
LocalFree
TlsGetValue
TlsSetValue
lstrcpynW
ExitProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
VirtualFree
HeapCreate
HeapDestroy
SetLastError
TlsFree
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetModuleHandleA

ole32

CoMarshalInterface
PropVariantCopy

rpcrt4

I_UuidCreate
NdrNonEncapsulatedUnionBufferSize
RpcBindingServerFromClient
RpcMgmtEpEltInqDone
I_RpcDeleteMutex

user32

PostMessageW
LoadStringW
IsChild
InvalidateRect
GetParent
GetFocus
GetClientRect
FindWindowW
EndPaint
DestroyWindow
SendMessageW
CreateWindowExW
CallNextHookEx
BeginPaint
wvsprintfA
wsprintfA
SetSystemCursor
LoadStringA
GetWindowRect
GetClassInfoExW
DdeConnect
SetFocus
SetWindowsHookExW
ShowWindow
UnhookWindowsHookEx
WaitForInputIdle
DestroyAcceleratorTable

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab31b23ea1b1d51df17c97c98b4506ca

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

rpcrt4

user32

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 272KB - Virtual size: 274KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 272KB - Virtual size: 274KB