3c4054c2130ec3dd6f8ca7167a85987e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c4054c2130ec3dd6f8ca7167a85987e_JaffaCakes118
Size

1.6MB
MD5

3c4054c2130ec3dd6f8ca7167a85987e
SHA1

47500fb793708f79979fb698771ccc009f0ab6a6
SHA256

6168a30e957e6b832ae925dc4563e3abca9e06145ac4c72d93ba8aa26a28a1d4
SHA512

d228ba21bc0051940f0b1ad712c7029f51e769768ab496679f3af87b79b50d1d9c231cbfb02542b1be061f9e478af5280930c886f3fb4091bb0bf00d670bf04c
SSDEEP

49152:69qik2n3GNJ6olmvE1mFDtVh+vqSf4kdrIGmR:Kqik2n3EJDKsmVvhQvdm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4054c2130ec3dd6f8ca7167a85987e_JaffaCakes118

Files

3c4054c2130ec3dd6f8ca7167a85987e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e7bf04789ca3f5f2088ce70cc86adac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesW
GetTapeStatus
lstrcmpA
GetCompressedFileSizeW
ExpandEnvironmentStringsW
CreateIoCompletionPort
GetAtomNameA
GetCurrentProcessId
GlobalAddAtomA
MoveFileW
WritePrivateProfileSectionA
WriteConsoleOutputCharacterA
TlsGetValue
LocalLock
GetProcessTimes
WriteFile
ReadDirectoryChangesW
ExitThread
OpenSemaphoreW
QueryDosDeviceW
FreeEnvironmentStringsA
GetDriveTypeA
WritePrivateProfileStructA
SetSystemTime
AreFileApisANSI
VirtualFree
RemoveDirectoryW
ExitProcess
FindCloseChangeNotification
LoadResource
GetStringTypeExW
SetupComm
LoadLibraryExA
GetFileType
DeleteCriticalSection
GetSystemInfo
IsValidLocale
_lopen
SetEndOfFile
SetThreadLocale
GetProfileIntA
FreeLibraryAndExitThread
GlobalFree
WaitNamedPipeA
CreateMutexW
RaiseException
GetACP
SetProcessAffinityMask
GetLogicalDriveStringsA
GetCommandLineW
EnumResourceNamesW
FormatMessageA

user32

CreateDesktopW
GetIconInfo
BeginPaint
WindowFromPoint
FindWindowW
VkKeyScanW
DispatchMessageA
MapVirtualKeyExW
BroadcastSystemMessageA
GetAncestor
wsprintfA
DrawIcon
TranslateAcceleratorA
SetMenuItemBitmaps
ShowWindow
DefWindowProcW
IntersectRect
keybd_event
SetWindowPos
MessageBoxIndirectW
CharLowerW
IsDialogMessageA
MapDialogRect
CheckMenuRadioItem
SetDlgItemInt
GetInputState
ChangeDisplaySettingsW
MessageBoxW
GetLastActivePopup
SendDlgItemMessageW
GetWindowTextA
InvalidateRect
TranslateAcceleratorW
SetParent
DefDlgProcW
CopyRect
AttachThreadInput
HideCaret
CreateDialogParamW
CharPrevW
GetClipboardFormatNameA
GetKeyboardLayoutList
InflateRect
WindowFromDC
SetWindowPlacement
SendNotifyMessageA
DialogBoxParamA
RegisterClassExA
EnumClipboardFormats
ChangeDisplaySettingsExA
CreateWindowStationW
GetDCEx
DefFrameProcW
DrawTextA
DestroyCaret

gdi32

PolyBezierTo
CreateDCW
CreateDiscardableBitmap
GetROP2
Arc
GetBkMode
GetTextAlign
FillRgn
SetBitmapBits
SetPaletteEntries
GetEnhMetaFileHeader
GdiFlush

advapi32

RegOpenKeyExW
OpenSCManagerW
GetSidSubAuthority
CryptDeriveKey
RegRestoreKeyW
OpenServiceW
CryptGetUserKey
LookupAccountNameA
CreatePrivateObjectSecurity
CryptSignHashW
RegDeleteKeyW
NotifyBootConfigStatus
GetFileSecurityW
RegEnumKeyA

shell32

FindExecutableA
ExtractIconExW
DragAcceptFiles
SHGetSpecialFolderLocation

ole32

OleCreateMenuDescriptor
CoGetInterfaceAndReleaseStream
OleRegGetUserType
CoGetClassObject
CLSIDFromString
OleGetIconOfClass

oleaut32

VariantChangeType
LoadTypeLi
SetErrorInfo
SafeArrayGetElement
SafeArrayCreate
SafeArrayUnaccessData
LoadTypeLibEx
QueryPathOfRegTypeLi
SafeArrayPutElement

comctl32

ImageList_SetBkColor
ImageList_Duplicate
CreateStatusWindowW

shlwapi

PathRemoveBackslashA
PathRenameExtensionW
PathIsUNCW
PathIsPrefixW
StrFormatKBSizeW
PathIsRelativeW
SHGetValueA
SHRegWriteUSValueW
SHRegCreateUSKeyW
PathIsDirectoryEmptyW
StrFormatByteSizeA
PathRelativePathToW

msvcrt

wcslen
putc
rand
ctime
_wremove
_wgetcwd
_wtoi64
_putenv
_wsopen
_fsopen
frexp
_itow
_wchdir
_lseek
_beginthread
_sopen
_wcslwr
atoi
wcscpy
iswprint
_chdrive
_fileno
swscanf
__doserrno
floor
abort
_popen
_mbscpy
iswalpha
_mbsupr
_isatty
wcstod
_getdcwd
strcoll
_ismbcdigit

Sections

.text
Size: 12KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e7bf04789ca3f5f2088ce70cc86adac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 12KB - Virtual size: 1.5MB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 12KB - Virtual size: 1.5MB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 68KB - Virtual size: 66KB