3aacd1521a2cf8bbd5ac99106813aa7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3aacd1521a2cf8bbd5ac99106813aa7e_JaffaCakes118
Size

481KB
MD5

3aacd1521a2cf8bbd5ac99106813aa7e
SHA1

d30d999ac9bf9fa076dc42d8bf771ce57f9dd819
SHA256

d21d91bed3fd8c7793574a635196b85e159e54f551255ce50cc5e376a38b14e1
SHA512

9a7e20488bbd5fb121a2da195bb4c90d3b16f91545217f2143b5c20f75fe3a5fc160462458c965142a84c251329c8b09bde41ffbe7673bcf3036cb1efd7747af
SSDEEP

6144:vaXbnerRl1NCqkwZM8TR0lfQpS4YS9lZHU2BIjj9YppAUrRqukOkb:vS6n1NNkMMm0xQpdYmlBUYppAUrRhJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aacd1521a2cf8bbd5ac99106813aa7e_JaffaCakes118

Files

3aacd1521a2cf8bbd5ac99106813aa7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b4bc978087d7d6b1e9e5ce9643ea509

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
DefFrameProcW
InvalidateRect
RemovePropW
GetWindowInfo
EnumDesktopsA
IsDlgButtonChecked
UnloadKeyboardLayout
DdeNameService
IsMenu
RegisterClassA
GetAsyncKeyState

kernel32

FileTimeToLocalFileTime
UnhandledExceptionFilter
GetFileType
ReadFile
FillConsoleOutputAttribute
GetModuleFileNameA
GetFileSize
HeapCreate
TlsSetValue
WriteConsoleA
VirtualAlloc
SetTimeZoneInformation
GetTimeFormatA
GetCurrentThread
LCMapStringW
LCMapStringA
GetEnvironmentStrings
GetCommandLineW
RtlUnwind
GetConsoleCP
GetTickCount
MultiByteToWideChar
QueryPerformanceCounter
Sleep
OpenSemaphoreW
FreeLibrary
GetLastError
CompareStringW
TlsFree
VirtualProtectEx
EnumSystemLocalesA
SetEnvironmentVariableA
OpenMutexA
InterlockedIncrement
InitializeCriticalSection
HeapFree
SetFilePointer
GetProcessHeap
HeapDestroy
GetStdHandle
WriteFile
GetConsoleOutputCP
SetStdHandle
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
GetStringTypeA
HeapReAlloc
FreeEnvironmentStringsA
GetLocaleInfoW
GetConsoleMode
EnterCriticalSection
SetConsoleCtrlHandler
GetCurrentThreadId
FreeEnvironmentStringsW
DeleteCriticalSection
GetCPInfo
GetTimeZoneInformation
IsDebuggerPresent
CompareStringA
FileTimeToDosDateTime
InterlockedDecrement
GetDateFormatA
GetACP
SetLastError
GetCompressedFileSizeA
WritePrivateProfileSectionW
GetEnvironmentStringsW
HeapAlloc
GetLocaleInfoA
CloseHandle
FlushFileBuffers
SetHandleCount
VirtualFree
IsValidLocale
GetStartupInfoW
GetUserDefaultLCID
VirtualQuery
GetFileTime
TlsAlloc
AddAtomA
WideCharToMultiByte
HeapSize
GetOEMCP
ExitProcess
GetModuleFileNameW
GetVersionExA
GlobalFindAtomA
GetCommandLineA
LeaveCriticalSection
WriteConsoleW
IsValidCodePage
LoadLibraryA
WriteConsoleOutputCharacterA
GetStringTypeW
SetUnhandledExceptionFilter
GetProcAddress
lstrcpyA
CreateFileA
GetModuleHandleA
GetSystemTimeAsFileTime
InterlockedExchange
CreateMutexA
GetStartupInfoA
TlsGetValue

wininet

FtpFindFirstFileW
DeleteUrlCacheGroup
DeleteIE3Cache
CommitUrlCacheEntryA
SetUrlCacheEntryGroupW
InternetCombineUrlW
InternetTimeFromSystemTime
InternetQueryDataAvailable
GopherCreateLocatorW

comctl32

InitCommonControlsEx

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b4bc978087d7d6b1e9e5ce9643ea509

Headers

File Characteristics

Imports

user32

kernel32

wininet

comctl32

Sections

.text Size: 325KB - Virtual size: 325KB

.rdata Size: 43KB - Virtual size: 51KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 325KB - Virtual size: 325KB

.rdata
Size: 43KB - Virtual size: 51KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 7KB - Virtual size: 6KB