3c0c558ed9da96fc18a173e71492c2f3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c0c558ed9da96fc18a173e71492c2f3_JaffaCakes118
Size

408KB
MD5

3c0c558ed9da96fc18a173e71492c2f3
SHA1

7f3b5555b377d4a3343b8c551e5e382484836f50
SHA256

e317302a2ddee9f14e031250273440e6c930532481d699b3cd29c13dd291d16e
SHA512

aa6cb9cac1a528ebd8d87ff728e14a6d4356ef86aebe928b8ffb801f6fee5f67fc51c922b0dbb4356232256f618109322de8401391e803b0ccff051f8af26338
SSDEEP

6144:eAv8S2E3zwn9blJUGo2lawaYbnkcVoYgvGyK1SFVx+QijTaXRsH1yS+eGxUqQoP5:/8SJiRC9qDkNEJ1CV0QsquUSg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c0c558ed9da96fc18a173e71492c2f3_JaffaCakes118

Files

3c0c558ed9da96fc18a173e71492c2f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

321334dd116658100ad2484276a0e121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\srefipqw

Imports

kernel32

EnumCalendarInfoExW
GetEnvironmentStringsW
LoadLibraryA
HeapCreate
RtlUnwind
GlobalUnlock
GetProcAddress
VirtualQuery
HeapAlloc
OpenFileMappingA
IsValidLocale
VirtualAlloc
WritePrivateProfileStringA
TlsSetValue
TlsFree
GetVersionExA
MultiByteToWideChar
TerminateProcess
GetFileType
SetCurrentDirectoryW
GetDateFormatA
HeapSize
CompareStringW
TlsGetValue
InitializeCriticalSection
GetACP
CreateWaitableTimerW
CloseHandle
GetConsoleCP
GetPrivateProfileStructA
GetCurrentProcess
GlobalSize
InterlockedExchange
GetStringTypeW
TlsAlloc
GetStringTypeA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCPInfo
HeapFree
GetLastError
WritePrivateProfileStringW
GetEnvironmentStrings
CompareStringA
PulseEvent
VirtualProtect
DeleteCriticalSection
IsValidCodePage
WaitNamedPipeW
ReadConsoleOutputCharacterW
VirtualFree
IsDebuggerPresent
GetLocaleInfoA
HeapReAlloc
WriteFile
GetStdHandle
GlobalGetAtomNameA
SetEnvironmentVariableA
CreateWaitableTimerA
ExpandEnvironmentStringsW
SetFilePointer
GetUserDefaultLCID
CreateFileW
SetConsoleCP
GetFileSize
EnterCriticalSection
GetModuleHandleA
GetSystemInfo
GetModuleHandleW
FreeEnvironmentStringsA
WriteConsoleOutputAttribute
GetProfileStringW
LCMapStringW
GetProcessAffinityMask
LCMapStringA
LeaveCriticalSection
ReadFile
GetCurrentThread
IsBadWritePtr
QueryPerformanceCounter
GetCurrentDirectoryW
GetOEMCP
GetSystemTimeAsFileTime
SetHandleCount
SetStdHandle
GetTimeFormatW
GetCommandLineA
GetCurrentThreadId
lstrcpyA
GetStartupInfoA
OpenMutexA
CreateMutexA
ExitProcess
EnumSystemLocalesA
WideCharToMultiByte
GetModuleFileNameA
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
GetCurrentProcessId
GetTimeFormatA
GetTickCount
HeapDestroy
SetLastError

comctl32

CreateToolbarEx
InitCommonControlsEx
ImageList_DragMove
ImageList_Merge
ImageList_LoadImageW
InitMUILanguage
ImageList_Replace
ImageList_GetImageInfo
ImageList_AddMasked

gdi32

GetViewportExtEx
GetEnhMetaFileA
GetFontData
SetICMProfileW

user32

TrackPopupMenu
CreateWindowExW
GetIconInfo
RegisterClipboardFormatA
CloseDesktop
DlgDirSelectExW
DdeQueryConvInfo
GetMenuItemRect
GetMenuInfo
RegisterClassW
CopyAcceleratorTableA
IsDialogMessageW
DestroyWindow
WaitMessage
GetKeyboardLayoutNameW
GetPropW
CloseWindowStation
SetClassWord
CharToOemW
MessageBeep
LockWindowUpdate
LoadCursorFromFileW
ImpersonateDdeClientWindow
GetProcessWindowStation
DlgDirSelectComboBoxExA
DdeDisconnectList
DdeGetData
ShowWindow
GetSysColorBrush
BeginPaint
CreateDialogIndirectParamW
CreateAcceleratorTableW
GetWindowTextLengthA
GetUpdateRgn
CreateWindowStationA
WINNLSGetIMEHotkey
DdeQueryStringA
SetMenu
GetMessagePos
CharToOemBuffW
MessageBoxA
SetMenuDefaultItem
GetKeyboardLayout
ShowWindowAsync
IsCharUpperW
RegisterClassExA
InsertMenuW
GetWindowTextA
RegisterClassA
GetSubMenu
InvertRect
DefWindowProcW
GetDCEx
SetWindowRgn
AnyPopup
ChangeDisplaySettingsExW
EnumWindows
DlgDirSelectComboBoxExW
GrayStringW
GetMessageExtraInfo
GetCursorPos
SetDebugErrorLevel
CallMsgFilter
SendMessageTimeoutA
SetClassLongA

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

321334dd116658100ad2484276a0e121

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 92KB - Virtual size: 110KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 92KB - Virtual size: 110KB

.rsrc
Size: 68KB - Virtual size: 66KB