3c538631011f034d7b9f1f2115f613ed_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c538631011f034d7b9f1f2115f613ed_JaffaCakes118
Size

469KB
MD5

3c538631011f034d7b9f1f2115f613ed
SHA1

38fcb04197095262de9dc719950074e9a5119f2a
SHA256

b9ba9b294dced4af3f761fc6d414a4fec6b7953ff0cee0c03b341edd15bd7623
SHA512

a3b051aa074437f6d2a9950142138ef0bdef24bfcea61c0c3cfc3075520a801d700fa942f865cdfed76347b05bab00d58ba2a548ff9153bbc4c702424dedcce6
SSDEEP

12288:k89GfmjYNE/UOiwFdoYgHihmEFgctFXP2wEC5:kfmMNE/UOiwFdoljKvtFOwEC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c538631011f034d7b9f1f2115f613ed_JaffaCakes118

Files

3c538631011f034d7b9f1f2115f613ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da8dc36b90aba8e69d8ad3e75109ff54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
HeapAlloc
InterlockedExchange
GetStartupInfoW
GetLastError
HeapDestroy
FlushFileBuffers
GetEnvironmentStringsW
QueryPerformanceCounter
EnumSystemLocalesA
GetStdHandle
GetCommandLineA
EnumSystemCodePagesW
GetStringTypeW
GetModuleHandleA
SetFilePointer
FreeEnvironmentStringsA
GetTimeFormatA
GetCurrentThreadId
GetVolumeInformationA
TlsGetValue
OpenMutexA
CreateProcessA
ReadFile
GlobalFree
LoadLibraryA
WideCharToMultiByte
TlsSetValue
LCMapStringW
GetTickCount
IsBadWritePtr
RtlUnwind
UnhandledExceptionFilter
RemoveDirectoryW
ExitProcess
HeapFree
GetSystemInfo
GetCurrentThread
HeapSize
VirtualFree
GetFileType
GetVersionExA
SetLastError
GetDateFormatA
DeleteCriticalSection
MultiByteToWideChar
SetWaitableTimer
CreateMutexA
DeleteFiber
SetEnvironmentVariableA
SetLocalTime
GetTimeZoneInformation
HeapReAlloc
GetEnvironmentStringsA
GetEnvironmentStrings
GetStartupInfoA
CreateDirectoryA
LeaveCriticalSection
GetProcAddress
LCMapStringA
EnterCriticalSection
TerminateProcess
HeapCreate
LocalFlags
TlsAlloc
GetLocaleInfoA
FreeEnvironmentStringsW
EnumDateFormatsA
GetModuleFileNameA
GetModuleFileNameW
SetStdHandle
IsValidCodePage
CompareStringW
GlobalFindAtomA
VirtualQuery
TlsFree
CloseHandle
GetACP
GetOEMCP
SetLocaleInfoW
GetEnvironmentVariableW
GetCurrentProcessId
GetLongPathNameA
SetHandleCount
ReadConsoleOutputA
VirtualAlloc
WriteFile
GetSystemTimeAsFileTime
GetCurrentProcess
GetUserDefaultLCID
InitializeCriticalSection
CompareStringA
GetCPInfo
GetCommandLineW
GetLocaleInfoW
VirtualProtect
IsValidLocale

comctl32

InitCommonControlsEx

gdi32

GetBkColor
EnumFontsW
PolyTextOutA
GetGlyphOutlineW
FlattenPath
GetTextCharacterExtra
RemoveFontResourceA
CreateCompatibleDC
GdiGetBatchLimit
GetLogColorSpaceW
CreateDIBSection
RealizePalette
GetViewportExtEx
SetMiterLimit
GetKerningPairs
SaveDC
AddFontResourceW
SetBkMode

user32

GetTopWindow
LoadMenuA
SetWindowWord
EditWndProc
PostMessageA
MessageBoxIndirectW
SetForegroundWindow
DdeQueryNextServer
ChangeDisplaySettingsExW
TileChildWindows
RegisterClassExA
GetMenuItemRect
DdeReconnect
CreateIconFromResource
RegisterClassA
VkKeyScanA
SetCaretBlinkTime
ShowCaret
DlgDirListComboBoxW
GetMessageTime

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da8dc36b90aba8e69d8ad3e75109ff54

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 8KB - Virtual size: 35KB

.data Size: 213KB - Virtual size: 212KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 8KB - Virtual size: 35KB

.data
Size: 213KB - Virtual size: 212KB

.rsrc
Size: 15KB - Virtual size: 14KB