3a2e83c2876236a8f5ec536ece84c72d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a2e83c2876236a8f5ec536ece84c72d_JaffaCakes118
Size

244KB
MD5

3a2e83c2876236a8f5ec536ece84c72d
SHA1

1442a6b48b316c50cba898b1fd9990cddd609561
SHA256

3858de05cd1af6f7e1a904078a3c65d42b2a337822a2d25cc39fcd08b089cb67
SHA512

360dfdbaa46e85697bcf274802f9836f2a9c7e902977553ff13feb46a2512ce0184ea3c7dc14917a3a909334d5b378f8cc45bfe00832fddc469563e61f6e5ac4
SSDEEP

3072:fVB9gqZ3erLvLbiudgO18NfozmtqYh/YysfbsCIkQ6aPXYoqEzWcmzkpG9neyvZY:NgCO/h7+foKttNYysSkwooZiAG9hm1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a2e83c2876236a8f5ec536ece84c72d_JaffaCakes118

Files

3a2e83c2876236a8f5ec536ece84c72d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c97f38053d50a668a9a2a9fc6e770de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
CreateFileW
ReadConsoleOutputA
ReadConsoleInputW
SetEndOfFile
SetFileTime
FreeEnvironmentStringsA
EnumSystemCodePagesA
SetSystemTime
GetVersionExA
VirtualProtect
GetCommandLineA
LeaveCriticalSection
lstrcatW
ExitProcess
GlobalReAlloc
GetDriveTypeW
EnumDateFormatsW
LocalSize
WriteProcessMemory
GetDiskFreeSpaceExA
DeleteCriticalSection
FindFirstFileA
_hread
WriteConsoleOutputW
ExitThread
VirtualQuery
UnhandledExceptionFilter
DuplicateHandle
FindFirstFileW
GetTapeStatus
GetProcessHeap
FreeLibraryAndExitThread
SetStdHandle
LoadLibraryExA
GetFileAttributesA
VirtualAlloc
LoadLibraryExW

user32

CopyAcceleratorTableW
SetUserObjectSecurity
DialogBoxParamW
GetClipboardFormatNameA
EnumThreadWindows
GetMenuState
RegisterHotKey
GetMenuItemInfoA
PeekMessageA
CreateDesktopW
GetPropA
CharPrevW
GetTabbedTextExtentW
SetLastErrorEx
WindowFromDC
LoadBitmapW
IsCharLowerA
DialogBoxIndirectParamW
OemToCharBuffW
EndPaint
SetThreadDesktop
CharToOemA
EnumDesktopsA
GetUpdateRgn
SetForegroundWindow

gdi32

SetAbortProc
CreatePen
CreatePolyPolygonRgn
CreateDIBitmap
DPtoLP
SetBkColor
SaveDC
MoveToEx
ExcludeClipRect
ChoosePixelFormat
GetTextExtentPoint32A
UnrealizeObject
GetViewportExtEx
CreateFontA
BitBlt
EqualRgn
CopyMetaFileW
FillRgn
TextOutA

comdlg32

GetSaveFileNameA

advapi32

CryptHashData
RegDeleteValueA
BuildTrusteeWithSidW

shell32

SHGetDesktopFolder
ShellExecuteA

ole32

OleBuildVersion

oleaut32

SetErrorInfo
VariantChangeType
SysFreeString
SafeArrayGetElement
SafeArrayPutElement
QueryPathOfRegTypeLi
LoadTypeLi
SysAllocStringLen

comctl32

CreatePropertySheetPageA

shlwapi

SHGetValueW
SHGetValueA
PathIsRootW
PathGetArgsW
StrCmpNIA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c97f38053d50a668a9a2a9fc6e770de

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 232KB - Virtual size: 228KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 232KB - Virtual size: 228KB