3c558f752257e9bc2e5bbb8f7187d5fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c558f752257e9bc2e5bbb8f7187d5fe_JaffaCakes118
Size

395KB
MD5

3c558f752257e9bc2e5bbb8f7187d5fe
SHA1

259428fad7308fce150c232093e612db3db1d51d
SHA256

025e9b7ef2474e2d471f1cf19516b8421c245d63a35d55e58330f8e1bf6bb91e
SHA512

9c1e7de9884228589b84b55c581a49898990cdef047ff5f5ed94aa83862d458a6bcb52b9c978c00351af097052896a99a8ea6393a8538ffd724cb8d6e51c8585
SSDEEP

6144:iWt0W1FSgzKaqfEWVcbNhc3wkBhu5XmMrHM0MJBWEgGrNTDgijlaaAjdktwc7vpd:vq4FeEJbNu3By2gs0MC5KHPRajeDp93

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c558f752257e9bc2e5bbb8f7187d5fe_JaffaCakes118

Files

3c558f752257e9bc2e5bbb8f7187d5fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec0ffd2e8b15cd62578bdeee56643b0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

EnterCriticalSection
CreateFileMappingA
FileTimeToLocalFileTime
SystemTimeToFileTime
SetEnvironmentVariableA
GetFileTime
FileTimeToSystemTime
ReadFile
LeaveCriticalSection
GetSystemTime
HeapUnlock
HeapCreate
ReadFileScatter
ExpandEnvironmentStringsA
InterlockedFlushSList
HeapSummary
SetThreadContext
SetFilePointer
CallNamedPipeA
GetQueuedCompletionStatus
GetNamedPipeInfo
CopyFileA
InterlockedPopEntrySList
RtlZeroMemory
SetThreadPriority
GetSystemDefaultLangID
CompareStringA
CreateIoCompletionPort
FlushViewOfFile
CreateFileA
GetThreadContext
SetFilePointerEx
InterlockedCompareExchange
EnumSystemLanguageGroupsA
OpenThread
HeapFree
lstrcpynA
CopyFileExA
TransactNamedPipe
ConnectNamedPipe
ResumeThread
PeekNamedPipe
InitializeCriticalSection
HeapWalk
PostQueuedCompletionStatus
SetFirmwareEnvironmentVariableA
lstrcatW
SuspendThread
IsBadStringPtrA
HeapLock
MapViewOfFile
RegisterWaitForSingleObject
GetTickCount
GetUserDefaultLangID
HeapReAlloc
FreeEnvironmentStringsA
DecodePointer
ReadFileEx
CreateThread
HeapDestroy
RtlFillMemory
SetLastError
InterlockedPushEntrySList
GetThreadSelectorEntry
EncodePointer
DisconnectNamedPipe
CreateMutexA
RegisterWaitForSingleObjectEx
GetEnvironmentStringsA
DeleteFileA
GetNamedPipeHandleStateA
WaitForSingleObject
GetSystemDefaultUILanguage
UnmapViewOfFile
GetStringTypeExA
lstrcpyW
CreateNamedPipeA
SwitchToThread
SetCurrentDirectoryA
VirtualAllocEx
HeapAlloc
ExitThread

msvcrt

_c_exit
__p__commode
_controlfp
_adjust_fdiv
rand
_exit
_acmdln
_except_handler3

advapi32

RegOpenKeyExA
RegSetValueExW
RegCloseKey
RegFlushKey

user32

LoadIconW
wsprintfW
SetWindowTextW
ShowWindow
SendMessageW
GetDesktopWindow
SetCapture
ReleaseCapture
InvalidateRect
SystemParametersInfoW
PostQuitMessage
GetWindowRect
SetTimer
LoadCursorW
BeginPaint
LoadStringW

Sections

.text
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec0ffd2e8b15cd62578bdeee56643b0c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 241KB - Virtual size: 241KB

.data Size: 144KB - Virtual size: 144KB

.rsrc Size: 9KB - Virtual size: 380KB

.text
Size: 241KB - Virtual size: 241KB

.data
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 9KB - Virtual size: 380KB