Static task: static1
Behavioral task: behavioral1
Sample: 3a7d9de1b6179ddfc4e9b27b2fc9500c_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3a7d9de1b6179ddfc4e9b27b2fc9500c_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3a7d9de1b6179ddfc4e9b27b2fc9500c_JaffaCakes118
Size: 304KB
MD5: 3a7d9de1b6179ddfc4e9b27b2fc9500c
SHA1: 68c232b4b9fdd9a4c003dff33c59751bc5e0afa2
SHA256: ed1f75fbbb8841dd9778283eaf124258fce7659f7c3426710a0b2c18375a4aaf
SHA512: 8f2cd1814c69b5996d471169136c2e88ace9d1b5bb3e72355066fe6869d8027cadbf4fd1b41fc60851f1ed67f601db84373500eadfcfdc86d183aac9224873e8
SSDEEP: 6144:8weZaGMbc2kbWPpN1YzFcRxJhfBt7/e8fkl+rIIKFcN:OC4JbWPizFixJJ0o4G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a7d9de1b6179ddfc4e9b27b2fc9500c_JaffaCakes118
Files
3a7d9de1b6179ddfc4e9b27b2fc9500c_JaffaCakes118.exe windows:4 windows x86 arch:x86
278e32e33fe4b77200f3d904593322ff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetTimeZoneInformation
GetTapeParameters
SetProcessWorkingSetSize
VirtualProtect
GetVersionExA
QueryDosDeviceW
MoveFileExA
GetProcessTimes
WriteConsoleOutputW
ScrollConsoleScreenBufferA
GetCommConfig
DeleteCriticalSection
FormatMessageA
FindResourceExA
CreateIoCompletionPort
SetEnvironmentVariableW
GetLargestConsoleWindowSize
MoveFileW
ExitThread
VirtualFree
GetPrivateProfileStringW
GetCommState
GetFullPathNameA
GetUserDefaultLangID
CreateDirectoryW
ExitProcess
DosDateTimeToFileTime
GetDriveTypeW
VirtualAllocEx
SetFileTime
SetProcessAffinityMask
IsBadStringPtrA
GetCommandLineA
SetLastError
user32
LoadAcceleratorsA
GetSysColor
SetProcessDefaultLayout
CharLowerBuffW
GetInputState
SubtractRect
GetKeyboardLayoutList
IsChild
SetMenuItemInfoA
ToUnicodeEx
AdjustWindowRectEx
UpdateWindow
WinHelpW
GetProcessWindowStation
advapi32
CryptSetKeyParam
ReportEventW
GetServiceKeyNameW
EqualSid
CryptGetKeyParam
LookupAccountSidA
ObjectDeleteAuditAlarmW
CryptVerifySignatureW
AddAce
RegRestoreKeyW
RegOpenKeyW
RegEnumValueW
AdjustTokenPrivileges
RegReplaceKeyW
InitializeSid
QueryServiceLockStatusW
IsValidAcl
ImpersonateSelf
GetAce
BuildTrusteeWithSidW
CryptAcquireContextW
RevertToSelf
SetSecurityDescriptorDacl
RegSaveKeyW
ControlService
shell32
ShellExecuteA
DragFinish
DragQueryPoint
ole32
CoGetClassObject
OleSetMenuDescriptor
OleConvertIStorageToOLESTREAM
oleaut32
SysStringLen
VariantCopy
SetErrorInfo
SafeArrayUnaccessData
SafeArrayCreate
comctl32
CreateToolbarEx
shlwapi
SHCopyKeyA
StrStrIA
PathParseIconLocationW
PathIsSameRootW
StrCmpNW
setupapi
SetupDiGetClassDevsExW
SetupDiClassGuidsFromNameExA
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiGetINFClassA
SetupDiDeleteDeviceInfo
SetupCloseInfFile
SetupPromptReboot
SetupGetLineCountW
SetupScanFileQueueW
Sections
.text Size: 292KB - Virtual size: 289KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE