3c1b46abfe4fddf7f2d26e7d4fea62de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c1b46abfe4fddf7f2d26e7d4fea62de_JaffaCakes118
Size

296KB
MD5

3c1b46abfe4fddf7f2d26e7d4fea62de
SHA1

c2640f2f81872a80ec0e35b94a943af57a43f62f
SHA256

366555bdec5c779caa0d77f6bace29f2fa98010bf7993f625b31d6d71813f55b
SHA512

ed22c86fc6fe798d47d8b2e1ea1ae3008ddbd8650ac812aff5fd2c9f017ba9ca6167c1c10718b5f254878b831c8b1405fa5fa4569660ec57c78545d5184c4733
SSDEEP

6144:bf/T1YEoJHT6+VzH/KICTDDDjDTsSvhsyhamnE+rnbjUisrD20z:HuTTjKfDn/jbn1rnb4x20

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c1b46abfe4fddf7f2d26e7d4fea62de_JaffaCakes118

Files

3c1b46abfe4fddf7f2d26e7d4fea62de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1eb7aa524f8fdf454434cf8d0eafb991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCursorPosition
FileTimeToLocalFileTime
LocalSize
SetFileTime
FormatMessageW
GetDiskFreeSpaceW
ReleaseMutex
AllocConsole
GetVersion
SetTimeZoneInformation
FindResourceExW
LocalLock
SizeofResource
SetStdHandle
DeleteFiber
GlobalFlags
LCMapStringA
DeleteCriticalSection
ScrollConsoleScreenBufferA
lstrcpyA
GetEnvironmentStringsW
GetFileAttributesA
IsProcessorFeaturePresent
GetFileType
GetWindowsDirectoryA
GetTapeStatus
LocalFileTimeToFileTime
WaitNamedPipeA
VirtualAllocEx
GetProcessHeap
SetConsoleOutputCP
SetMailslotInfo
IsValidLocale
TryEnterCriticalSection
SetThreadAffinityMask
FreeEnvironmentStringsA
SetupComm
GetConsoleMode
GetPrivateProfileStringW
WritePrivateProfileStructA
SetConsoleMode
GetCommConfig
GlobalAddAtomA
GetComputerNameW
lstrcmpiW
MultiByteToWideChar
SetConsoleActiveScreenBuffer
CreateNamedPipeW
InitializeCriticalSection
WritePrivateProfileSectionW
VirtualFree
_lclose
GetCommModemStatus
SetErrorMode
VirtualUnlock
EnumCalendarInfoA
ReadDirectoryChangesW
SetThreadPriorityBoost
GetTapeParameters
GetStringTypeExW
GetLogicalDriveStringsA
SetCommTimeouts
LocalReAlloc
FlushFileBuffers
SearchPathW
GlobalUnlock
SetVolumeLabelA
GetPrivateProfileSectionW
WriteProcessMemory
SetHandleCount
lstrcpynA
EnumTimeFormatsW
VirtualAlloc
SetEnvironmentVariableW
RemoveDirectoryA
OpenFile
FindResourceExA
CopyFileExW
SetEndOfFile
PurgeComm
PeekConsoleInputW
DebugBreak
SetProcessAffinityMask
GetOverlappedResult
_llseek
GetACP
GetDateFormatA
LoadLibraryExW
FillConsoleOutputCharacterA
GetFileInformationByHandle
GetCurrentProcess
GetCommandLineA
lstrlenA
GlobalGetAtomNameW
ExitProcess

user32

GetCaretBlinkTime
AdjustWindowRectEx
DrawAnimatedRects
IsIconic
GetMenuCheckMarkDimensions
GetWindowTextA
GetClipCursor
ShowCursor
SetWindowTextA
DrawFrameControl
WaitForInputIdle
CopyImage
UnhookWindowsHook
ShowWindow
DrawCaption
CreateDialogParamW
ChangeDisplaySettingsW
WindowFromPoint
CreateDesktopA
SetDlgItemInt
DispatchMessageW
TabbedTextOutW
FlashWindowEx
EmptyClipboard

gdi32

CreateBitmap
RemoveFontResourceA
GetWindowExtEx
CreateHatchBrush
Ellipse
CreateDCA

comdlg32

CommDlgExtendedError
ChooseFontA
GetSaveFileNameW

advapi32

InitializeSid
ChangeServiceConfigW
RegRestoreKeyA
GetSecurityInfo
RegConnectRegistryW
RegUnLoadKeyW
QueryServiceConfigA
RegSaveKeyA
RegQueryValueExA
RegDeleteValueW
SetServiceStatus
RegQueryInfoKeyA
GetUserNameA
RegSetValueExW
RegEnumValueA
BuildTrusteeWithSidW
ClearEventLogW
DeleteService
AddAccessAllowedAce
StartServiceCtrlDispatcherW
GetSecurityDescriptorControl
OpenServiceW
RegOpenKeyExA
CryptSetHashParam
InitiateSystemShutdownW
RegSetValueExA

ole32

StgOpenStorage
CoResumeClassObjects
RevokeDragDrop
CoReleaseServerProcess

oleaut32

SysAllocStringLen
SafeArrayUnaccessData
LoadTypeLi
VariantCopy

comctl32

ImageList_DragEnter
ImageList_Merge
ImageList_GetIcon
ImageList_DragMove

shlwapi

PathIsPrefixW
StrCatW
wvnsprintfW
PathIsRelativeW
PathAddExtensionW
SHRegSetUSValueW
PathIsFileSpecA
SHStrDupW
StrDupA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1eb7aa524f8fdf454434cf8d0eafb991

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 280KB - Virtual size: 277KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 280KB - Virtual size: 277KB