f:\odnosksepo\ryqn\jytewwngty\deov\eeelisee\boc.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 3c95f0df2cfc773c3fa787fadb0d39b3_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3c95f0df2cfc773c3fa787fadb0d39b3_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3c95f0df2cfc773c3fa787fadb0d39b3_JaffaCakes118
Size: 272KB
MD5: 3c95f0df2cfc773c3fa787fadb0d39b3
SHA1: 386cd112c0a10431f61c4f32cd5265e06a71864a
SHA256: 065477fccb1116def2cbc08183adfb6bb27e1fab1be50537111f368ffe9e1b84
SHA512: 8603c4b4fc1a825101599b4ae51399d894dfa6aeefe8ed7276f34b10a50e57ff0e145daa4f25f345e9642cfc591ac18b530f53e6305dff9a25933e3bd9cb61d2
SSDEEP: 6144:V9T1SMerpD+IlCjHATC4ixdelLCpG+qClAJoWEDQvoNZch:V2MfIlwHATCzgLCpWSSoWEDpNZch
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c95f0df2cfc773c3fa787fadb0d39b3_JaffaCakes118
Files
3c95f0df2cfc773c3fa787fadb0d39b3_JaffaCakes118.exe windows:4 windows x86 arch:x86
0414a69810a3ef9ba7a350f9867a6acd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
GetTextFaceA
InvertRgn
SetICMMode
DeleteMetaFile
GetTextExtentPointW
ColorCorrectPalette
FloodFill
CreateColorSpaceA
EnumICMProfilesA
GetGlyphOutline
SetWindowExtEx
Polygon
GetLogColorSpaceW
GetOutlineTextMetricsA
DPtoLP
GetViewportExtEx
SelectPalette
PtVisible
user32
SetSysColors
IsCharAlphaW
VkKeyScanExW
MessageBoxW
GetWindowInfo
LoadIconW
MapVirtualKeyW
RegisterClipboardFormatW
ShowWindow
CreatePopupMenu
RegisterClassExA
RegisterClassA
GetWindowLongA
ActivateKeyboardLayout
CreateWindowExA
LoadMenuW
OpenDesktopA
GetClassInfoExW
IsWindowVisible
GetWindowContextHelpId
SetCursorPos
CreateDialogIndirectParamW
GetGUIThreadInfo
shell32
DragQueryFileW
kernel32
QueryPerformanceCounter
GetSystemDirectoryW
GetStringTypeW
ReadFile
GetSystemTime
GetFileType
TlsAlloc
SetLastError
HeapCreate
VirtualAlloc
CompareStringA
LoadLibraryA
FindResourceW
GetModuleHandleA
GetProcAddress
GetVersion
GetEnvironmentStrings
GetStartupInfoA
InitializeCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetCurrentThread
GetProfileStringA
TlsSetValue
GetTickCount
GetCommandLineA
GetLastError
SetStdHandle
RtlUnwind
CompareStringW
HeapFree
VirtualFree
GetCurrencyFormatW
TlsFree
GetSystemTimeAsFileTime
CreateMutexA
OpenEventA
LCMapStringW
HeapReAlloc
OpenMutexA
LeaveCriticalSection
IsBadWritePtr
GetCPInfo
GetEnvironmentStringsW
InterlockedExchange
VirtualQuery
MultiByteToWideChar
DeleteCriticalSection
FreeEnvironmentStringsA
HeapAlloc
GetTimeZoneInformation
GetStdHandle
GetCurrentThreadId
SetEnvironmentVariableA
SetFilePointer
FlushFileBuffers
ExitProcess
LCMapStringA
GetCurrentProcess
WriteFile
WaitForSingleObject
TlsGetValue
GetOEMCP
InterlockedDecrement
GetLocaleInfoW
CloseHandle
SetHandleCount
GetACP
InterlockedIncrement
UnhandledExceptionFilter
TerminateProcess
GetLocalTime
GetStringTypeA
WideCharToMultiByte
FreeEnvironmentStringsW
HeapDestroy
comdlg32
PageSetupDlgW
PrintDlgW
comctl32
InitCommonControlsEx
advapi32
RegQueryMultipleValuesA
RegEnumKeyA
LookupPrivilegeNameW
RegEnumKeyW
LookupPrivilegeNameA
CryptEnumProvidersW
RegQueryInfoKeyW
LogonUserA
Sections
.text Size: 147KB - Virtual size: 147KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ