3cf570431444cff3ee633993fa0afca4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3cf570431444cff3ee633993fa0afca4_JaffaCakes118
Size

529KB
MD5

3cf570431444cff3ee633993fa0afca4
SHA1

8c01ad5a5850cfa609b5e8854c6a4be68f5b39bc
SHA256

2c27a850a897a003e02e1ed4d1be8dd8e90dcf72f07069e62f7eaeed31a28a33
SHA512

a2cd23f46dcdf7162c051ad624b67fcf50a5dfc1dbd6d01e93bba23351fdd98c28e886b8819126e8af37c362cc3c3ddf76559db62fe1b6e8f8c74b441b531900
SSDEEP

12288:ho9qGiZ1vjcRVvVOA6DFfKRM4jjEt6GNEY6n:nzmVVAFfyREMGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cf570431444cff3ee633993fa0afca4_JaffaCakes118

Files

3cf570431444cff3ee633993fa0afca4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd94d0135217c62233e6b9c72777c015

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\mwormq\eqzsseeezw.pdb

Imports

shell32

ShellExecuteW
RealShellExecuteExA
ShellExecuteEx

wininet

GopherOpenFileW
InternetCrackUrlW
HttpOpenRequestA
InternetCreateUrlW

comctl32

InitCommonControlsEx

advapi32

RegDeleteValueA
CryptDestroyKey
CryptEnumProviderTypesW
RegOpenKeyExW
ReportEventW
LookupPrivilegeNameA
RegEnumKeyA
CryptDestroyHash
RegLoadKeyW
CryptVerifySignatureA
RegLoadKeyA

kernel32

LoadLibraryA
SetUnhandledExceptionFilter
GetVersionExA
CloseHandle
HeapReAlloc
GetCurrentProcessId
RtlUnwind
InterlockedIncrement
GetModuleFileNameA
GetCurrentThread
EnterCriticalSection
VirtualProtect
TerminateProcess
GetCurrentProcess
GetFileType
QueryPerformanceCounter
GetLocaleInfoA
FreeLibrary
SetStdHandle
ReadConsoleInputA
FreeEnvironmentStringsA
GetProcAddress
SetFilePointer
FlushFileBuffers
UnhandledExceptionFilter
GetStartupInfoA
HeapCreate
Sleep
ExitProcess
WriteConsoleA
TlsFree
LCMapStringW
GetConsoleOutputCP
GetACP
GetDateFormatA
CompareStringW
InitializeCriticalSection
MultiByteToWideChar
WriteFile
VirtualQuery
GetTimeFormatA
FreeEnvironmentStringsW
IsValidCodePage
GetCommandLineW
HeapAlloc
GetEnvironmentStrings
DebugBreak
CreateFileW
LeaveCriticalSection
CompareStringA
GetTimeZoneInformation
GetStringTypeW
DeleteCriticalSection
GetEnvironmentStringsW
GetCPInfo
TlsAlloc
InterlockedExchange
LCMapStringA
SetEnvironmentVariableA
CreateFileA
GetCommandLineA
IsValidLocale
GetConsoleCP
GetStringTypeA
CreateMutexA
GetTickCount
EnumDateFormatsExW
GetSystemTimeAsFileTime
HeapSize
VirtualFree
GetStdHandle
HeapDestroy
IsDebuggerPresent
WideCharToMultiByte
OpenMutexA
SetHandleCount
ReadFile
GetLastError
GetModuleFileNameW
FormatMessageA
GetCurrentThreadId
GetProcessHeap
EnumSystemLocalesA
GetStartupInfoW
GetLocaleInfoW
SetConsoleCtrlHandler
WriteConsoleW
GetProfileSectionA
InterlockedDecrement
GetConsoleMode
TlsSetValue
ResumeThread
GetOEMCP
GetCalendarInfoA
SetLastError
GetUserDefaultLCID
HeapFree
GetModuleHandleA
TlsGetValue
VirtualAlloc
GetFileAttributesExA

user32

CreateDesktopW
DdeClientTransaction
DestroyCursor
RegisterClassExA
CreateDialogIndirectParamA
RegisterClassA
SendNotifyMessageW
CreateMenu
SetDlgItemTextA
DialogBoxParamW

comdlg32

GetFileTitleW

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd94d0135217c62233e6b9c72777c015

Headers

File Characteristics

PDB Paths

Imports

shell32

wininet

comctl32

advapi32

kernel32

user32

comdlg32

Sections

.text Size: 349KB - Virtual size: 349KB

.rdata Size: 43KB - Virtual size: 52KB

.data Size: 117KB - Virtual size: 117KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 349KB - Virtual size: 349KB

.rdata
Size: 43KB - Virtual size: 52KB

.data
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 18KB - Virtual size: 17KB