3f13e4fb4bab4436788051ed353e66d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f13e4fb4bab4436788051ed353e66d8_JaffaCakes118
Size

529KB
MD5

3f13e4fb4bab4436788051ed353e66d8
SHA1

0b3c2954e220d5a6aa00209c1909a9dd9d49946a
SHA256

2eaa273b8e29df8e454dbb8f804492ac6b8973f7c059f29bb0cad7e78d6b976c
SHA512

d204c408d110535dd20ff0cef811c6323a8c22863254eb2300dcc5df8f7aa8affda7223e486faf0c4dae24698887b0abd069f448e71bd074b9a6023b56d2390b
SSDEEP

12288:KR9Fw65kB65UNxgiJdzodzP/w7fN3tDTa+2+cWJSS89Cc8re:KR9Ag5UNxv8dzXw+LDWJ49t4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f13e4fb4bab4436788051ed353e66d8_JaffaCakes118

Files

3f13e4fb4bab4436788051ed353e66d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdd03c54e04284333b242d53e3a9a279

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
VirtualFree
HeapDestroy
CreateMutexA
GetProcAddress
QueryPerformanceCounter
GetCurrentProcessId
FreeEnvironmentStringsA
VirtualQuery
LocalAlloc
MultiByteToWideChar
CompareStringW
GetCommandLineW
LCMapStringW
SetEnvironmentVariableA
FlushFileBuffers
HeapFree
GetCurrentThread
TlsGetValue
LoadLibraryA
WideCharToMultiByte
GetPrivateProfileSectionNamesW
HeapAlloc
GetCurrentThreadId
LocalCompact
OpenMutexA
GetEnvironmentStringsW
InterlockedDecrement
GetThreadTimes
HeapCreate
GetSystemTimeAsFileTime
IsBadWritePtr
DeleteAtom
GetEnvironmentStrings
LeaveCriticalSection
GetTickCount
GetStartupInfoA
ReadFile
GetTimeZoneInformation
GetModuleFileNameA
SetStdHandle
SetLastError
TlsAlloc
InterlockedIncrement
GetStringTypeW
WriteFile
CompareStringA
TlsSetValue
EnterCriticalSection
FlushInstructionCache
CloseHandle
GetCPInfo
DuplicateHandle
FreeEnvironmentStringsW
TerminateProcess
GetModuleHandleA
InitializeCriticalSection
GetStdHandle
GetLocalTime
SetThreadLocale
GetFileType
ExitProcess
RtlUnwind
LCMapStringA
SetFilePointer
GetLastError
GetNamedPipeInfo
VirtualAlloc
DeleteCriticalSection
SetConsoleCursorPosition
GetStartupInfoW
GetStringTypeA
GetModuleFileNameW
GetSystemTime
GetVersion
UnhandledExceptionFilter
GetCurrentProcess
HeapReAlloc
TlsFree
GetCommandLineA
SetHandleCount

comctl32

InitCommonControlsEx

user32

SetWindowTextW
SetDlgItemInt
WINNLSGetEnableStatus
CharToOemA
OpenIcon
IsWindow
MapVirtualKeyExW
RegisterClassA
RegisterClassExA
GetGUIThreadInfo
GetMessageA
GetDlgItemTextA
GetWindowTextLengthW
DefFrameProcA
ScrollWindowEx
FillRect
SetMenuContextHelpId
GetProcessDefaultLayout

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdd03c54e04284333b242d53e3a9a279

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 349KB - Virtual size: 349KB

.rdata Size: 51KB - Virtual size: 62KB

.data Size: 105KB - Virtual size: 104KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 349KB - Virtual size: 349KB

.rdata
Size: 51KB - Virtual size: 62KB

.data
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 22KB - Virtual size: 21KB