Static task: static1
Behavioral task: behavioral1
Sample: 3b4a571999f000128b120457dcf127ee_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3b4a571999f000128b120457dcf127ee_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3b4a571999f000128b120457dcf127ee_JaffaCakes118
Size: 296KB
MD5: 3b4a571999f000128b120457dcf127ee
SHA1: 347d75d9c6d6e25631237f65bdd94291c9cba957
SHA256: 9a83bc2923f32c3df7ef7b6016c8b639a8fa063f889eee42f0183ae09b3a754d
SHA512: 617a0e0f7fa6109a434b6bd64572431ef642e390963c3005b298cb6edbea346b86e7454d249621c4367013c2a1808b87b93a750eb75205ac35dd37ee0149c10f
SSDEEP: 6144:iXaq3vPXpR5xxoUsNyBr9dZtxMUkDJa/h969asJ0DaM3E+cm+eR3:iKKDGM9zthaJaZ9gJ4ImB3
Malware Config
Signatures
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource 3b4a571999f000128b120457dcf127ee_JaffaCakes118
Files
- 3b4a571999f000128b120457dcf127ee_JaffaCakes118.exe windows:4 windows x86 arch:x86
bcdc4495ee857d05206d7ad8b46bb07c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FormatMessageW
WritePrivateProfileStructA
GetVersionExA
SetupComm
GetConsoleCursorInfo
SetConsoleTitleA
SetLastError
GetCommConfig
IsDBCSLeadByteEx
SetConsoleMode
SetVolumeLabelA
GetSystemTimeAsFileTime
FindFirstFileA
UnhandledExceptionFilter
ExitProcess
FreeEnvironmentStringsA
GetProcessHeap
CreateNamedPipeW
GenerateConsoleCtrlEvent
SetThreadPriorityBoost
GetModuleHandleA
GetShortPathNameW
GetPrivateProfileStringW
GetCommandLineA
VirtualProtect
SetThreadLocale
user32
DefFrameProcW
wvsprintfA
CopyAcceleratorTableW
InternalGetWindowText
GetMenuDefaultItem
GetClipboardFormatNameW
DestroyAcceleratorTable
IntersectRect
SetCursorPos
LoadMenuW
IsWindow
GetUserObjectInformationA
TileWindows
gdi32
CreateICA
CopyEnhMetaFileA
GetTextFaceW
CopyMetaFileA
comdlg32
GetSaveFileNameA
PageSetupDlgA
advapi32
GetFileSecurityA
RegOpenKeyExW
AddAccessAllowedAce
QueryServiceConfigW
AbortSystemShutdownA
CreatePrivateObjectSecurity
AddAce
LookupAccountNameW
RegCreateKeyExW
EqualSid
CryptDecrypt
BuildSecurityDescriptorW
GetServiceKeyNameW
CryptSetHashParam
GetLengthSid
AbortSystemShutdownW
InitializeSecurityDescriptor
RegQueryInfoKeyA
CryptGenRandom
RegRestoreKeyA
SetFileSecurityW
RegOpenKeyW
GetSecurityDescriptorSacl
ObjectCloseAuditAlarmW
RegisterServiceCtrlHandlerW
RegReplaceKeyW
ControlService
CryptHashData
CryptGetKeyParam
SetSecurityDescriptorSacl
AccessCheckAndAuditAlarmW
RegEnumValueW
shell32
SHGetSpecialFolderPathA
ole32
ReadClassStg
CoInitializeEx
RevokeDragDrop
OleLockRunning
OleCreateLink
OleInitialize
comctl32
ImageList_BeginDrag
ImageList_AddMasked
ImageList_SetDragCursorImage
ImageList_GetIcon
shlwapi
PathStripToRootA
PathRelativePathToW
PathIsDirectoryA
StrRetToStrW
StrCmpW
ChrCmpIW
StrPBrkW
PathIsPrefixW
wnsprintfW
UrlCanonicalizeW
PathIsNetworkPathW
SHRegCloseUSKey
StrStrIA
PathGetDriveNumberW
PathFileExistsW
PathRenameExtensionW
StrCmpNW
UrlApplySchemeW
PathIsDirectoryW
SHRegGetUSValueW
Sections
.text Size: 268KB - Virtual size: 266KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE