3c50803e0c18d8a0c6447149132367a2_JaffaCakes118

General

Target

3c50803e0c18d8a0c6447149132367a2_JaffaCakes118
Size

913KB
MD5

3c50803e0c18d8a0c6447149132367a2
SHA1

c308afdb2fef95d95629c9f967be3ff9c6842e9d
SHA256

1b828e176c3510c6fa9d2fc4ff6fe2415c9629825aecb02ac908d93c2f874c0f
SHA512

853fe6ebe071f81fb42d08a703e65a8f4ff2bfe09fbdd637ca42dba19e3e2e5171c9988d1a23002fe34a3c52cfc22bafa0da654ae8fbdc0a0d2278272a414a2e
SSDEEP

3072:0fF4QqKlo/b4QqKCTL6NohEtK/rLc4fextAXZH1MCG33AOnsRFXb7hPn32vO1B:yqKiZqKw2NohEtyhCtAXl1uVSFL7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c50803e0c18d8a0c6447149132367a2_JaffaCakes118

Files

3c50803e0c18d8a0c6447149132367a2_JaffaCakes118
.exe windows:0 windows x86 arch:x86

fa0b1dde3360753dcffff2cb5447ed18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasW
AssignProcessToJobObject
BaseInitAppcompatCache
BindIoCompletionCallback
BuildCommDCBAndTimeoutsW
CancelDeviceWakeupRequest
ChangeTimerQueueTimer
CommConfigDialogW
ConnectNamedPipe
CreateFileA
CreateProcessInternalA
CreateSocketHandle
CreateTimerQueue
DebugActiveProcess
DeleteCriticalSection
DeleteFileA
DeleteTimerQueue
EncodeSystemPointer
EndUpdateResourceA
EnumResourceLanguagesA
EnumResourceNamesW
EnumSystemGeoID
EnumSystemLocalesW
EnumerateLocalComputerNamesA
EraseTape
ExpandEnvironmentStringsA
ExtendVirtualBuffer
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindAtomA
FindNextFileA
FindNextFileW
FindNextVolumeW
FindVolumeMountPointClose
FlushInstructionCache
FoldStringW
GetAtomNameA
GetCPFileNameFromRegistry
GetCommState
GetCommandLineA
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCharType
GetConsoleCommandHistoryLengthW
GetConsoleInputWaitHandle
GetConsoleNlsMode
GetConsoleProcessList
GetConsoleSelectionInfo
GetConsoleTitleW
GetCurrentDirectoryA
GetDefaultSortkeySize
GetFileInformationByHandle
GetFileTime
GetFirmwareEnvironmentVariableA
GetGeoInfoA
GetHandleContext
GetLongPathNameA
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetPriorityClass
GetPrivateProfileSectionA
GetPrivateProfileStructW
GetProcAddress
GetProcessAffinityMask
GetProfileIntW
GetStringTypeA
GetSystemDefaultLangID
GetSystemRegistryQuota
GetSystemWow64DirectoryA
GetSystemWow64DirectoryW
GetThreadContext
GetThreadIOPendingFlag
GetThreadLocale
GetVolumeInformationA
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GlobalAddAtomW
GlobalFree
GlobalUnlock
HeapSize
InitializeSListHead
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
LZDone
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
MapUserPhysicalPagesScatter
MoveFileW
MulDiv
OpenWaitableTimerW
Process32Next
PulseEvent
QueryMemoryResourceNotification
ReadConsoleInputW
ReadFileEx
RegisterWaitForInputIdle
ReleaseSemaphore
RemoveDirectoryW
RemoveLocalAlternateComputerNameA
ScrollConsoleScreenBufferA
SetCPGlobal
SetCommBreak
SetCommState
SetConsoleCursorInfo
SetConsoleOS2OemFormat
SetDllDirectoryA
SetEnvironmentVariableW
SetErrorMode
SetFileValidData
SetLocalPrimaryComputerNameA
SetLocaleInfoW
SetSystemTime
SetThreadLocale
SetThreadUILanguage
SetVolumeLabelA
TerminateJobObject
Thread32First
TrimVirtualBuffer
UnlockFileEx
UnregisterConsoleIME
VerSetConditionMask
VirtualFreeEx
VirtualUnlock
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleA
WriteProcessMemory
lstrcmpiW
lstrcpyn

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa0b1dde3360753dcffff2cb5447ed18

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB