3cca97628ab792428e2a1112ab99476a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3cca97628ab792428e2a1112ab99476a_JaffaCakes118
Size

423KB
MD5

3cca97628ab792428e2a1112ab99476a
SHA1

21bf7a91cf2ac1429f65a4e34a2ef02c1ef0ecb5
SHA256

9cc15027cb4555ad11fec4f48798fda22436bf9c14de45af413b067cbed78c03
SHA512

f4b65cc3026a3ea83f37e6a223ef39333e5b0b0ad93d88ac561ac44a854c8c7743062301e5c3fd0c936000eab6d29c54fdb53858d815e5c55a376496759ca5f7
SSDEEP

12288:mKaZldZ67wuFCtm9vr1D0LJG+MTwpTPv+xr:mKaycuf9yG+Gsix

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cca97628ab792428e2a1112ab99476a_JaffaCakes118

Files

3cca97628ab792428e2a1112ab99476a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aab241f7b3ed665f946547456d72e72c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetSystemInfo
GetWindowsDirectoryW
lstrcpy
GetLastError
WaitForDebugEvent
HeapAlloc
LoadLibraryA
UnhandledExceptionFilter
LeaveCriticalSection
WideCharToMultiByte
GetLocaleInfoW
SetConsoleCP
EnterCriticalSection
TlsGetValue
TlsSetValue
CompareStringW
GetStdHandle
GetStringTypeA
GetStartupInfoA
TlsAlloc
GetACP
GetStringTypeW
GetCPInfo
GetAtomNameA
GetUserDefaultLCID
VirtualProtect
GetOEMCP
GetProcAddress
lstrcmpW
GetLocaleInfoA
HeapFree
LockFileEx
FreeEnvironmentStringsW
SetHandleCount
GetVersionExA
VirtualQuery
LCMapStringW
HeapCreate
SetEnvironmentVariableA
DeleteCriticalSection
HeapDestroy
VirtualFree
GetFileType
HeapReAlloc
LCMapStringA
ExitProcess
GlobalGetAtomNameW
CompareFileTime
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsBadWritePtr
GetModuleHandleA
GetDateFormatA
HeapSize
InitializeCriticalSection
GetCurrentThreadId
SetLastError
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
IsValidCodePage
EnumSystemLocalesA
SetEvent
GetTickCount
GetTimeZoneInformation
lstrcpyA
GetCurrentThread
TlsFree
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
IsValidLocale
SetFileAttributesA
GlobalGetAtomNameA
GetEnvironmentStringsW
WriteConsoleOutputA
GetTimeFormatA

shell32

SheGetDirA
RealShellExecuteA
DragAcceptFiles
DragQueryFileW
ShellExecuteA
ExtractIconExA
ShellExecuteW
SHBrowseForFolderW
SHInvokePrinterCommandW
SheChangeDirExW
ShellExecuteExW
SHGetSpecialFolderLocation
SHInvokePrinterCommandA
FreeIconList
SHGetInstanceExplorer
SHGetDataFromIDListA
SHBrowseForFolderA
FindExecutableA
DragQueryPoint
SHFileOperationW
ExtractIconA
ExtractAssociatedIconW
DragQueryFile
ExtractAssociatedIconA

user32

ReuseDDElParam
DdeReconnect
GetPropA
CreateAcceleratorTableW
LoadBitmapW
CharUpperBuffW
DefWindowProcW
SetParent
GetWindowDC
DragObject
VkKeyScanA
CharLowerBuffA
IsCharAlphaNumericW
CheckDlgButton
GetListBoxInfo
SendMessageW
DrawStateA
GetMessageExtraInfo
LoadCursorW
IsWindowUnicode
GetDlgItemTextW
LoadStringW
IsCharLowerA
SetCapture
DestroyAcceleratorTable

comdlg32

PageSetupDlgW
PrintDlgA
GetOpenFileNameW
PageSetupDlgA
LoadAlterBitmap
ChooseFontA
GetSaveFileNameW
ReplaceTextA
FindTextW

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aab241f7b3ed665f946547456d72e72c

Headers

File Characteristics

Imports

kernel32

shell32

user32

comdlg32

Sections

.text Size: 145KB - Virtual size: 144KB

.data Size: 272KB - Virtual size: 303KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 144KB

.data
Size: 272KB - Virtual size: 303KB

.rsrc
Size: 5KB - Virtual size: 4KB