3bc34cd59086028acc06562889f4a9c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bc34cd59086028acc06562889f4a9c5_JaffaCakes118
Size

304KB
MD5

3bc34cd59086028acc06562889f4a9c5
SHA1

63cf1c39000078f84e4c06ad8b166dd41d12ec63
SHA256

906ab94b9ea5209c012a32f740fbdbbd8261fcf3552928d0dd6560eb5b90b7ef
SHA512

7593d1acf99b37f157ed137994904f323aade626ffb17e7744160a5a44064d75751c1166c0ee7b6b98958e8f90403c2194ef1849163d80ee012d5015d5ad8f30
SSDEEP

6144:9PHy/t0sHXUutQKmdVVBDlkDVh+fwpEPJG9j:9PSpU9K8rlkDV3/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc34cd59086028acc06562889f4a9c5_JaffaCakes118

Files

3bc34cd59086028acc06562889f4a9c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63aa82f71354281b129fb6b77e9a4a5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputW
GetVersion
PeekNamedPipe
WritePrivateProfileSectionW
GetTapeParameters
RaiseException
lstrcatW
CreateDirectoryExA
SetProcessShutdownParameters
WriteProcessMemory
GlobalFindAtomA
SetConsoleMode
lstrcmpiA
OpenMutexA
EndUpdateResourceA
GetProfileStringA
CreateWaitableTimerA
GetDriveTypeW
SetConsoleCursorPosition
GetSystemTimeAdjustment
UnmapViewOfFile
GetCommandLineW
ReadConsoleOutputA
GetCommModemStatus
SetNamedPipeHandleState
CreateDirectoryW
WriteConsoleOutputCharacterA
GetFileAttributesA
Beep
GlobalGetAtomNameW
SetConsoleTitleA
InitializeCriticalSection
GetSystemTimeAsFileTime
FindFirstFileW
FindResourceExW
FormatMessageW
GetModuleHandleA
GlobalAddAtomA
ReleaseMutex
SetFileTime
SetFileAttributesA
PrepareTape
GetComputerNameW
LoadResource
GetLongPathNameA
VirtualQuery
lstrcmpiW
SetEndOfFile
SetConsoleActiveScreenBuffer
PulseEvent
GetFileInformationByHandle
IsBadStringPtrA
GetVersionExA
VirtualProtect
LocalLock
GetTimeZoneInformation
GetTempPathW
GetBinaryTypeW
GetHandleInformation
GetCurrentProcess
ExitProcess
GetCommState
GlobalAddAtomW
SetCurrentDirectoryA
GetTapeStatus
SizeofResource
GetFullPathNameA
FindNextChangeNotification
FreeEnvironmentStringsA
WriteFile
GetSystemDefaultLangID
CreateEventA
FillConsoleOutputCharacterA
CreateProcessA
CloseHandle
CopyFileExW
RemoveDirectoryA
GenerateConsoleCtrlEvent
SetThreadAffinityMask
_lopen
IsDBCSLeadByteEx
GetProcessTimes
WritePrivateProfileSectionA
ConnectNamedPipe
GetCommandLineA

user32

GetParent
EnumDisplaySettingsExA
IsChild
MessageBoxA
LoadAcceleratorsA
InsertMenuA
GetScrollRange
GetDoubleClickTime
PostMessageA
MsgWaitForMultipleObjectsEx
GetMonitorInfoA
GetPropW
GetClassNameA
CharUpperBuffA
GetWindowWord
GetDlgItem
TranslateMessage
SetRect
SendDlgItemMessageA
ChangeMenuA
EnumClipboardFormats
DrawCaption
GrayStringW
GetThreadDesktop
SendMessageCallbackW
GrayStringA
MenuItemFromPoint
TrackMouseEvent
GetSysColor
CharNextA
GetKeyNameTextA
GetClassLongA
OpenWindowStationA
ShowCursor
SendMessageA
ChildWindowFromPointEx
SetWindowTextA
SetThreadDesktop
SetActiveWindow
SetUserObjectInformationW
OpenClipboard
IsCharLowerA
GetSubMenu
AppendMenuW
CascadeWindows
CallNextHookEx
CreateIconFromResource
PostQuitMessage
GetClassInfoExW
IsZoomed
ShowCaret
TrackPopupMenu
IsCharAlphaA

gdi32

CopyMetaFileW
GdiFlush
SetColorAdjustment
PlayMetaFileRecord
CreateICW
EnumEnhMetaFile
DPtoLP
GetViewportOrgEx
AddFontResourceW

comdlg32

ChooseFontW
PageSetupDlgW
PrintDlgW
ReplaceTextA

advapi32

RegLoadKeyW
RegSetValueW
OpenEventLogW
RegReplaceKeyW
ImpersonateSelf
SetFileSecurityA
CloseEventLog
LogonUserA
RegQueryValueExA
ControlService
RegCreateKeyA
BuildTrusteeWithSidW
CryptAcquireContextA
RegEnumKeyExA
NotifyBootConfigStatus
QueryServiceStatus
SetServiceObjectSecurity
CryptDestroyHash

shell32

SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetDesktopFolder
ExtractIconExW
SHFileOperationW

ole32

OleGetIconOfClass
CoGetInterfaceAndReleaseStream
OleSaveToStream
CoTreatAsClass
CreateBindCtx
ReadClassStm
OleSetContainedObject
OleSetClipboard

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_EndDrag

shlwapi

UrlGetPartA
PathStripToRootA
UrlCombineW
PathCompactPathExW
PathIsFileSpecW
StrRChrA
PathFindNextComponentW
StrCmpNIA
PathRemoveBlanksA
PathRenameExtensionW

setupapi

SetupLogErrorA
SetupDiCallClassInstaller
SetupDiGetDriverInfoDetailW
SetupDiOpenDeviceInfoW
SetupCloseInfFile
SetupDiSetSelectedDriverA
SetupDefaultQueueCallbackA
SetupCloseLog
SetupGetLineCountW
SetupDiClassNameFromGuidW

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63aa82f71354281b129fb6b77e9a4a5c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 285KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 288KB - Virtual size: 285KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB