3bce8c61196fe4eda68dcaabadebb4b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3bce8c61196fe4eda68dcaabadebb4b3_JaffaCakes118
Size

540KB
MD5

3bce8c61196fe4eda68dcaabadebb4b3
SHA1

a99d64031a580e097ecfbf2ad21f2ec93ff52126
SHA256

99fd088f1db9e308f42f0fa94515022668ec6da032f69968b07b3ea21e64ca72
SHA512

c971c982798984f7efa29347c6510e6ec86955b97090cb5740249972469a801ff3d6a6fc4e0be7b17923b5e21e213099d1242a2b38d1f240695d7c3318390b75
SSDEEP

6144:d4awY9fov+nBK7g2XNrWBoZCbTNkWaFF9SbakaLYTXpiK+a0y8SPeFvG1xtPIG:OY9fouQYBoapCF9SWfwXpiK+3y8tG/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bce8c61196fe4eda68dcaabadebb4b3_JaffaCakes118

Files

3bce8c61196fe4eda68dcaabadebb4b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d07a40c4696ca6f2241ea6c8e8ac55f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
ShowCaret
DrawAnimatedRects
CreateIconFromResource
CharNextA
RedrawWindow
RegisterClassExA

kernel32

ExitProcess
HeapCreate
GetSystemTimeAsFileTime
VirtualProtect
SetEnvironmentVariableA
TlsFree
WriteConsoleOutputCharacterW
RtlUnwind
SetFilePointer
TlsSetValue
GetLogicalDriveStringsA
GetCurrentThreadId
GetStdHandle
GetTimeZoneInformation
OpenMutexA
GetCommandLineA
QueryPerformanceCounter
FreeEnvironmentStringsW
GetFileType
HeapAlloc
GetStartupInfoA
FreeEnvironmentStringsA
CloseHandle
GetTimeFormatA
GetVolumeInformationW
GetStringTypeW
WritePrivateProfileStructW
TerminateProcess
HeapFree
UnhandledExceptionFilter
DuplicateHandle
GetOEMCP
EnumSystemLocalesA
GetProfileIntA
WaitNamedPipeA
GlobalAddAtomA
DeleteCriticalSection
InitializeCriticalSection
HeapSize
IsValidLocale
IsValidCodePage
LeaveCriticalSection
GetDateFormatA
GetCPInfo
LCMapStringW
GetTickCount
FlushFileBuffers
EnterCriticalSection
GetDiskFreeSpaceW
GetLastError
GetEnvironmentStrings
InterlockedExchange
GetStringTypeExA
GetEnvironmentStringsW
HeapDestroy
GetVersionExA
TlsAlloc
CompareStringW
WriteFile
GetUserDefaultLCID
IsBadWritePtr
LoadLibraryA
GetACP
LCMapStringA
VirtualQuery
VirtualFree
CreateMutexA
GetFullPathNameW
GetProcAddress
ReadFile
GetCurrentProcessId
VirtualAlloc
MultiByteToWideChar
CompareStringA
GetModuleHandleA
GetStringTypeA
SetStdHandle
LocalAlloc
SetLastError
TlsGetValue
GetSystemInfo
GetCurrentProcess
GetCurrentThread
SetHandleCount
GetDriveTypeW
WideCharToMultiByte
GetLocaleInfoW
GetModuleFileNameA
HeapReAlloc
GetLocaleInfoA

comctl32

InitCommonControlsEx

gdi32

GetClipBox
GetWindowOrgEx
Escape
EqualRgn
WidenPath
CreateEnhMetaFileW
GetCharacterPlacementA
CreateCompatibleDC
CreateFontIndirectW
PlayEnhMetaFile
Polyline
GetBkColor
GdiGetBatchLimit
UpdateColors
SetFontEnumeration
GetGlyphOutline
SetTextJustification
GetAspectRatioFilterEx
CreateFontA
SetPixelV
OffsetRgn

shell32

SHGetSpecialFolderPathW
SHGetPathFromIDListW
CheckEscapesW
RealShellExecuteW

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d07a40c4696ca6f2241ea6c8e8ac55f6

Headers

File Characteristics

Imports

user32

kernel32

comctl32

gdi32

shell32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 8KB - Virtual size: 18KB

.data Size: 355KB - Virtual size: 355KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 8KB - Virtual size: 18KB

.data
Size: 355KB - Virtual size: 355KB

.rsrc
Size: 13KB - Virtual size: 12KB