3a3f2620202c2afb7b7cc958875d6847_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a3f2620202c2afb7b7cc958875d6847_JaffaCakes118
Size

29KB
MD5

3a3f2620202c2afb7b7cc958875d6847
SHA1

200160b26d84eb23efc9ba775879696ce404aa7e
SHA256

c2a7529594c8683532001274cff34b0c32b29561c8894500cd435df089fe2056
SHA512

11e479176554598bdb929e5a2ace797879a93b7747a2779d8c11b86b9ccf26a36e43346cf7c618c04ce19592b5df28bce0d09f31a9c57804827b8b798bb09247
SSDEEP

768:QSn9xLuTOobSVDQl8s65OGQMhys5o5eq2V44n/k:Qy9UTOsSVElE5O1MhD5zq2v8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a3f2620202c2afb7b7cc958875d6847_JaffaCakes118

Files

3a3f2620202c2afb7b7cc958875d6847_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1657fe55626b7f22f2fcfed6515acdf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTime
GetVersionExA
HeapAlloc
InitializeCriticalSection
OpenFileMappingA
ReadFile
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
SleepEx
TlsSetValue
VirtualAlloc
VirtualFree
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA

user32

GetDlgItem
FillRect
EndDialog
EnableScrollBar
DrawIcon
LoadCursorFromFileA
CreateDialogParamA
CopyRect
CharUpperBuffA
CharNextA
wsprintfA
ShowOwnedPopups
ToAscii
DestroyCaret

advapi32

RegEnumKeyA
RegCloseKey
LsaICLookupSids
LsaCreateAccount
LsaCreateSecret
LsaCreateTrustedDomain
LsaDelete
LsaEnumeratePrivilegesOfAccount
LsaFreeMemory
LsaGetQuotasForAccount
LsaGetRemoteUserName
LsaGetUserName

msvbvm60

__vbaFileSeek
__vbaFileClose
__vbaFailedFriend
__vbaExceptHandler
__vbaDerefAry1
__vbaCyStr
__vbaCySgn
__vbaCyForNext
__vbaBoolVar
__vbaAryConstruct

dinput

DirectInputCreateEx
DirectInputCreateA
DirectInputCreateW

wininet

FindFirstUrlCacheEntryA
FindFirstUrlCacheGroup
FindNextUrlCacheEntryA
FindNextUrlCacheGroup
HttpAddRequestHeadersA
HttpEndRequestA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCanonicalizeUrlA
InternetCheckConnectionA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetGetCookieA
InternetGetLastResponseInfoA
InternetGoOnlineA
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionExA
InternetSetStatusCallbackA
InternetWriteFile

Exports

Exports

Muxuitpw
Sh

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1657fe55626b7f22f2fcfed6515acdf2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvbvm60

dinput

wininet

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB