3bfc8ad1455b23eb40d6b71a609c3ab6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bfc8ad1455b23eb40d6b71a609c3ab6_JaffaCakes118
Size

544KB
MD5

3bfc8ad1455b23eb40d6b71a609c3ab6
SHA1

a00e6f05adb182f457b80ce4c2cd28bf16506a38
SHA256

2e991853424850baebb275190ecbddf5f4ce5378568aa677a9a58297f8eed89f
SHA512

9305d1c4848bc122c032b033758cfec3ded99cc425e6fb03d35b7f5859b2d830d976674c195c264d82f2e8c14d46865e8aecb0ed5f82391980ad65f18b8ff600
SSDEEP

12288:JssD78z3m/A4lk3jb2UtwkMYEv8+DPUl1Jv8u+bp3LPaKSm:JssD723m/VGjb2oMf0Cw8u+bpWJm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bfc8ad1455b23eb40d6b71a609c3ab6_JaffaCakes118

Files

3bfc8ad1455b23eb40d6b71a609c3ab6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1e4b6b8bdba662ea6d4e68caed00e75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetVersion
ExitProcess
CreateFileA
GetLocaleInfoA
Sleep
TlsGetValue
FindClose
VirtualQuery
HeapCreate
InitializeCriticalSection
WriteConsoleA
QueryPerformanceCounter
GetModuleFileNameA
TerminateProcess
SetEvent
GetFullPathNameA
GetModuleHandleW
GetACP
FindFirstFileW
GetSystemTimeAsFileTime
CloseHandle
WriteFile
SetUnhandledExceptionFilter
ReadFile
lstrcmpA
GetModuleHandleA
GetStringTypeA
MapViewOfFile
CreateThread
RaiseException
GetOEMCP
FreeEnvironmentStringsW
HeapSize
MultiByteToWideChar
SetErrorMode
UnhandledExceptionFilter
WideCharToMultiByte
IsValidCodePage
GetCommandLineW
SetFileTime
LCMapStringW
LocalAlloc
GetEnvironmentStrings
GetCurrentProcess
HeapAlloc
FreeEnvironmentStringsA
LoadLibraryA
GetFileAttributesW
GetEnvironmentStringsW
GlobalUnlock
GetTickCount
LCMapStringA
FreeLibrary
GetConsoleCP
lstrlenA
UnmapViewOfFile
ReleaseMutex
GetConsoleOutputCP
EnterCriticalSection
HeapFree
GetEnvironmentVariableA
GetLastError
VirtualAlloc
GetStartupInfoA
GetCommandLineA
GetProcAddress
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetVersionExA
HeapDestroy
VirtualFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
GetCPInfo
HeapReAlloc
GetStringTypeW

user32

FillRect
CreateWindowExA
ScreenToClient
GetDlgItem
GetSystemMetrics
SetWindowLongA
GetDC
IsWindowEnabled
EnableWindow
GetWindowRect
SetWindowPos
ShowWindow
EndDialog
SetForegroundWindow

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

iysgycg
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qucwacy
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gceyoik
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1e4b6b8bdba662ea6d4e68caed00e75

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 29KB

iysgycg Size: 444KB - Virtual size: 440KB

qucwacy Size: 24KB - Virtual size: 23KB

gceyoik Size: 40KB - Virtual size: 37KB

.text
Size: 32KB - Virtual size: 29KB

iysgycg
Size: 444KB - Virtual size: 440KB

qucwacy
Size: 24KB - Virtual size: 23KB

gceyoik
Size: 40KB - Virtual size: 37KB