3bc31161e2d248e1d1f1a3e0a55eccb4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bc31161e2d248e1d1f1a3e0a55eccb4_JaffaCakes118
Size

304KB
MD5

3bc31161e2d248e1d1f1a3e0a55eccb4
SHA1

f53232758f6d475e3b4b9b98e6e1d6eff3c5f8b7
SHA256

7c71dd8f2c5c958e290b42ead71fe628f3664d1b1436dec0f72ba002ccad700f
SHA512

a447dd29aca721ed1b569bba8ece228a0f71209038bb83c9671ee9e9e25d8c1c034a558cdd9d6d357c59ebc43aeec8f6c4c4c8ec8200059dc7231e0cdab6efca
SSDEEP

6144:Ua8rcDZroGONGh/0H+nCAYkadPu8suJBPli0bOL1BiTcGyJC:5DN01Gt0H+CAYJg81jPw0bCBDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc31161e2d248e1d1f1a3e0a55eccb4_JaffaCakes118

Files

3bc31161e2d248e1d1f1a3e0a55eccb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

02d5589c5adb6e4ce5119018a973dd53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent
ImageList_Remove
ImageList_BeginDrag
ImageList_GetIconSize
ImageList_Read
ImageList_SetFlags
ImageList_SetFilter
ImageList_GetBkColor
ImageList_Create
ImageList_Add
CreateStatusWindowA
ImageList_LoadImageA
ImageList_LoadImage
InitCommonControlsEx
DrawStatusTextW

kernel32

CompareStringW
GetACP
GetSystemTimeAsFileTime
IsBadReadPtr
SetConsoleCtrlHandler
GetCPInfo
GetStartupInfoA
GetCurrentThread
TlsAlloc
GetModuleFileNameA
OpenMutexA
ReadFile
DeleteCriticalSection
CompareStringA
HeapDestroy
GetEnvironmentStringsW
TlsGetValue
GetStdHandle
TerminateProcess
TlsSetValue
GetEnvironmentStrings
WideCharToMultiByte
HeapFree
CloseHandle
GetCurrentProcess
WriteFile
CreateProcessA
OutputDebugStringA
LoadLibraryA
GetCommandLineA
SetHandleCount
GetCurrentThreadId
InitializeCriticalSection
GetStringTypeW
VirtualQuery
GetOEMCP
CreateMutexA
HeapCreate
GetSystemTime
SetLastError
FreeEnvironmentStringsW
InterlockedExchange
GetFileType
FlushFileBuffers
GetModuleHandleA
IsBadWritePtr
LCMapStringW
GetVersion
InterlockedIncrement
GetCurrentProcessId
ExitProcess
HeapValidate
VirtualFree
GetLocalTime
GetLastError
RtlUnwind
SetEnvironmentVariableA
DebugBreak
OpenFileMappingW
SetFilePointer
MultiByteToWideChar
LeaveCriticalSection
UnhandledExceptionFilter
InterlockedDecrement
GetTimeZoneInformation
FreeEnvironmentStringsA
GetTickCount
EnterCriticalSection
GetProcAddress
HeapAlloc
SetStdHandle
HeapReAlloc
QueryPerformanceCounter
LCMapStringA
TlsFree
VirtualAlloc
GetStringTypeA

user32

DrawIconEx
CreateMDIWindowW
LoadIconA
SetUserObjectSecurity
DdeInitializeA
MessageBoxW
LookupIconIdFromDirectoryEx
ModifyMenuW
MsgWaitForMultipleObjects
DefWindowProcW
SetScrollRange
DeferWindowPos
ChildWindowFromPointEx
SetClassWord
GetParent
CreateWindowExA
IsIconic
GetClipCursor
GetGUIThreadInfo
SetWindowsHookExA
CharUpperBuffA
GetClassLongA
CharUpperBuffW
DlgDirListComboBoxW
SwitchDesktop
CharNextW
EqualRect
OpenIcon
GetSystemMetrics
FindWindowExA
TranslateAccelerator
SendMessageTimeoutA
RegisterClassExA
PostThreadMessageA
DestroyWindow
CharNextA
GetDCEx
CharLowerA
TrackPopupMenuEx
DdeReconnect
GetUserObjectSecurity
DrawMenuBar
IsCharLowerW
DefWindowProcA
ReleaseCapture
TrackMouseEvent
PackDDElParam
DdeAbandonTransaction
RegisterClassA
ShowWindow
GetMenuStringA
GetListBoxInfo
InsertMenuItemW

advapi32

RegOpenKeyW
CryptDuplicateKey
LookupAccountSidW
RegQueryMultipleValuesW
StartServiceA
CryptGetDefaultProviderW
ReportEventA
RegEnumValueW
RegOpenKeyExA
RegEnumValueA
RegReplaceKeyA
CryptDeriveKey
RevertToSelf
CryptSetProviderExW
RegDeleteKeyW
CryptAcquireContextW
RegQueryMultipleValuesA
InitializeSecurityDescriptor
RegSetKeySecurity
CryptEncrypt

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02d5589c5adb6e4ce5119018a973dd53

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 92KB - Virtual size: 88KB

.data Size: 92KB - Virtual size: 111KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 92KB - Virtual size: 88KB

.data
Size: 92KB - Virtual size: 111KB

.rsrc
Size: 20KB - Virtual size: 19KB