3ca380ef6f2c342200c10e9e9d11451d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3ca380ef6f2c342200c10e9e9d11451d_JaffaCakes118
Size

68KB
MD5

3ca380ef6f2c342200c10e9e9d11451d
SHA1

9a879bd60b9d01420ed638aa960fe1179bc29ea0
SHA256

116e798528d6f9174541c185f1e61033f4b274188f455abcc0061a25d22fdfb0
SHA512

f3458f5650fa26a46552b0b3673ba14d6e1ea093ac0cb54b0d2d2025d02ce0216381b60d7736e14448ddff11cf86123bc18f6dd55f5112070f274a0106f51066
SSDEEP

768:121kmSUpaZXL+CojJ5/JHYqnIa7LsrfP7Zx9E6TO5MuhCJPeg7y2Dup:1kpaZXL+7J5h7sDj9E6Ce1JPegLs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca380ef6f2c342200c10e9e9d11451d_JaffaCakes118

Files

3ca380ef6f2c342200c10e9e9d11451d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e180a836d01761708afb9c8dab0e92fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData

mfc42

ord823
ord825
ord800
ord540

msvcrt

strstr
_snprintf
strcmp
__CxxFrameHandler
strlen
wcscpy
strcat
strcpy
_wcsicmp
memset
memcpy
_strcmpi
wcslen
wcschr
_wcslwr
malloc
exit
??1type_info@@UAE@XZ
sprintf
_CxxThrowException

kernel32

CloseHandle
GetCurrentProcess
GetProcAddress
LoadLibraryA
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
HeapFree
HeapAlloc
GetProcessHeap
TerminateThread
DuplicateHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
GetVersionExA
WriteFile
SetEndOfFile
SetFilePointer
Sleep
CreateFileA
OutputDebugStringA
GetTempPathA
GetWindowsDirectoryA
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
WideCharToMultiByte
LocalFree
FindClose
FindFirstFileA
GetSystemDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA
GetStartupInfoA
WinExec
DeleteFileA
ExpandEnvironmentStringsA
MoveFileExA
MoveFileA
GetModuleFileNameA
GetTickCount

user32

IsCharAlphaNumericA
wsprintfA

advapi32

LookupPrivilegeValueA
OpenProcessToken
ControlService
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
StartServiceA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
AdjustTokenPrivileges
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoInitialize

psapi

GetModuleInformation

shlwapi

SHSetValueA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

GetErrorInfo

Sections

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e180a836d01761708afb9c8dab0e92fc

Headers

File Characteristics

Imports

crypt32

mfc42

msvcrt

kernel32

user32

advapi32

ole32

psapi

shlwapi

version

oleaut32

Sections

.data Size: 30KB - Virtual size: 30KB

.rsrc Size: 37KB - Virtual size: 36KB

.data
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 37KB - Virtual size: 36KB