3f587796ae4272b69cc61122ad2c5b4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f587796ae4272b69cc61122ad2c5b4f_JaffaCakes118
Size

328KB
MD5

3f587796ae4272b69cc61122ad2c5b4f
SHA1

374943ce764d20c3cbf9b404548582756002d94f
SHA256

e9cba8bbc4b52dc5c0a2d1c607a6327b88cfcfbc3e181986aa6e673e3bba2f00
SHA512

192338aed9e294dd56f382a2b83f236f64d3bacdb749849962eb7709b73fbaca7409e4e04446ede7abbbb042228644a775c99d98ba35728ede4dec05dcdc96c8
SSDEEP

6144:q/6DyS/b3WKc8N31wcmI2ThsnXhL2nr0tYNiHJrIm0D:q/6WS37c8scutqauV0D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f587796ae4272b69cc61122ad2c5b4f_JaffaCakes118

Files

3f587796ae4272b69cc61122ad2c5b4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd0de1b19ff9a188a3a8ade1227dec12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\locm.pdb

Imports

gdi32

DescribePixelFormat
CreateCompatibleDC
CreateDCW
GetWindowExtEx
PolylineTo
DPtoLP
FillPath
RectVisible
CloseFigure
GetDeviceCaps
EnableEUDC
SetFontEnumeration
TranslateCharsetInfo
SetMetaFileBitsEx
DeleteObject
SetMetaRgn
GetObjectW
PtVisible
BitBlt
GetICMProfileA
SetPixelV
SetGraphicsMode
DeleteDC
GetWinMetaFileBits
PlayMetaFileRecord
GetPixel

comdlg32

FindTextW
GetFileTitleA
ReplaceTextA

wininet

GetUrlCacheHeaderData
GopherGetLocatorTypeA
HttpEndRequestW
GetUrlCacheGroupAttributeW
FindNextUrlCacheGroup
HttpSendRequestExW
InternetTimeToSystemTimeW

comctl32

InitCommonControlsEx
ImageList_Write
ImageList_GetIcon
DrawStatusTextA
ImageList_LoadImageA

user32

SetClipboardViewer
GetSystemMetrics
EnumWindowStationsW
SetProcessWindowStation
DdeQueryStringW
GetClipCursor
GetUpdateRgn
RegisterHotKey
RegisterClassExA
SetKeyboardState
GetProcessDefaultLayout
CascadeChildWindows
InsertMenuA
OffsetRect
ScrollWindowEx
ShowWindow
DdeCreateDataHandle
AppendMenuA
RemovePropW
SetSystemCursor
wvsprintfA
DdeUninitialize
SetClassLongA
SetDlgItemInt
SetFocus
SetWindowTextW
MenuItemFromPoint
CreateDialogParamW
SetUserObjectInformationA
InvalidateRect
IsCharAlphaNumericW
SendNotifyMessageW
DdeAbandonTransaction
LoadStringW
GetDialogBaseUnits
DlgDirSelectComboBoxExA
RegisterClassA
GetSysColorBrush
MapDialogRect
LookupIconIdFromDirectoryEx
GetUserObjectInformationA
OpenDesktopW
EnumChildWindows
DlgDirSelectExW
CloseDesktop
DrawIconEx
GetMessageExtraInfo
EnumDesktopsA
SetWindowPlacement
GetInputDesktop
GetScrollRange
SetMenuContextHelpId
CharUpperBuffW
GetScrollPos
CharLowerBuffA
CreateCaret
GetMenuContextHelpId
SetMenu
CloseClipboard
CharLowerBuffW
GetUserObjectSecurity
DeferWindowPos
CreateMDIWindowA
GetWindowModuleFileNameW
RegisterWindowMessageW

kernel32

LCMapStringA
SetLastError
FindNextFileA
GetCurrentThread
SetCriticalSectionSpinCount
HeapDestroy
FreeEnvironmentStringsA
TlsAlloc
GetExitCodeProcess
FreeEnvironmentStringsW
GetDiskFreeSpaceW
WritePrivateProfileStructA
InitializeCriticalSection
VirtualFree
GetPrivateProfileIntW
GlobalFix
GetStringTypeW
GetCurrentThreadId
GetCurrencyFormatA
SetStdHandle
GetCurrentProcessId
GetTimeZoneInformation
HeapFree
GetUserDefaultLangID
CreateNamedPipeA
HeapAlloc
SetFileAttributesA
GetSystemDirectoryA
CreateWaitableTimerW
LocalCompact
GetThreadLocale
ConnectNamedPipe
GetProcAddress
GetEnvironmentStringsW
GetTempFileNameA
LeaveCriticalSection
UnhandledExceptionFilter
CreateThread
MoveFileW
GetCurrentProcess
GetThreadContext
FlushFileBuffers
SetConsoleCursorInfo
GetModuleFileNameA
GetProcAddress
SetThreadPriority
GetLongPathNameW
ReadFile
EnumSystemLocalesA
OpenMutexA
FillConsoleOutputCharacterW
SetConsoleActiveScreenBuffer
TlsSetValue
GetFileType
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
FillConsoleOutputAttribute
InterlockedExchange
VirtualQuery
SetEnvironmentVariableA
InterlockedDecrement
LoadLibraryExW
EnumResourceLanguagesW
GetDiskFreeSpaceExA
DeleteCriticalSection
SetSystemTime
LocalHandle
GetProcessHeap
GetLongPathNameA
CompareStringW
GetACP
HeapReAlloc
TerminateProcess
GetCommandLineA
IsBadWritePtr
GetLastError
CloseHandle
CreatePipe
InterlockedIncrement
LoadLibraryW
GetTickCount
AddAtomW
AddAtomA
GlobalDeleteAtom
IsValidCodePage
WritePrivateProfileSectionA
EnterCriticalSection
TlsFree
WriteConsoleOutputCharacterA
EnumCalendarInfoExW
LCMapStringW
GetStringTypeA
WideCharToMultiByte
GetCommandLineW
GetConsoleOutputCP
GetStdHandle
GetEnvironmentStrings
ExitProcess
LoadLibraryA
GetModuleFileNameW
WriteProfileStringA
CreateFileMappingA
MultiByteToWideChar
GetThreadTimes
WriteConsoleOutputW
SetFilePointer
SetVolumeLabelA
lstrlen
GetTimeFormatA
CreateDirectoryA
HeapCreate
LocalUnlock
CompareStringA
CreateProcessW
FormatMessageA
CreateMailslotA
VirtualAlloc
WritePrivateProfileStringW
GetLocalTime
FindNextChangeNotification
CreateMutexA
TlsGetValue
RtlUnwind
WritePrivateProfileSectionW
GetStartupInfoW
OutputDebugStringA
ReadConsoleOutputA
GetSystemTime
GetSystemTimeAsFileTime
GetStartupInfoA
GetVersion
EnumDateFormatsW
SetComputerNameA
GetLocaleInfoA
GetCPInfo
GetModuleHandleA
FindFirstFileA
SetHandleCount
WritePrivateProfileStringA
WriteFile
QueryPerformanceCounter
SetLocalTime

advapi32

InitiateSystemShutdownW
LookupPrivilegeDisplayNameW

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd0de1b19ff9a188a3a8ade1227dec12

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

wininet

comctl32

user32

kernel32

advapi32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 88KB - Virtual size: 105KB

.rsrc Size: 72KB - Virtual size: 69KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 88KB - Virtual size: 105KB

.rsrc
Size: 72KB - Virtual size: 69KB