3ccc580e5f5de64877d327470b80c6f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ccc580e5f5de64877d327470b80c6f2_JaffaCakes118
Size

431KB
MD5

3ccc580e5f5de64877d327470b80c6f2
SHA1

3261d79ca4303cdca426bd1f063a5e5a2126f1a0
SHA256

50e9e58c0990cc82c60630bbd7eadb6ad1749fcf44bbca2866ea31991f05f213
SHA512

c4766ac330b179ced3f584eb1e111164d6e93c8b1e81a5d804ee0a9534208d11b35d8fae8f30011d81ce9f2e4007af4f6a04351478f5d4d2afb9d6e34f9baba6
SSDEEP

6144:pcXlVfBY2SoxpEnPdXkRogwY/0kgRSOpHpxFczwH59CQO72k6nHq9TXBBj:i1jY2knPdXGLURSyHngqc2tnYzB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ccc580e5f5de64877d327470b80c6f2_JaffaCakes118

Files

3ccc580e5f5de64877d327470b80c6f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2893a4022fa3e4814b9bbba3fe9dbd9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgCtrlID
CascadeWindows
MapDialogRect
SetDlgItemInt
ChildWindowFromPoint
EnumChildWindows
ShowOwnedPopups
IsIconic
IsWindowUnicode
IsWindow
GetWindowThreadProcessId

ole32

OleConvertOLESTREAMToIStorage
StgIsStorageILockBytes
OleSaveToStream
CreateDataAdviseHolder
CreateBindCtx
CoReleaseMarshalData
OleCreateFromFileEx
FmtIdToPropStgName
OleCreateLink
CoInstall
OleCreateMenuDescriptor
ReadClassStm
CoCreateInstance
IsAccelerator

oledlg

ord9
ord3
ord1
ord12
ord11
ord8
ord10
ord2
ord4
ord5
ord6

advapi32

RegSetValueExA
RegEnumValueA
RegLoadKeyA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA

kernel32

GetStringTypeA
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetStringTypeW
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
RtlUnwind
GetEnvironmentStringsW
LocalFlags
HeapWalk
LocalSize
GetSystemDefaultLangID
HeapValidate
VirtualProtect
GlobalFree
GlobalAlloc
GlobalMemoryStatus
GetNumberFormatA
IsBadWritePtr
ReleaseSemaphore
SetLocaleInfoA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WriteProfileStringA
GetProfileSectionA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lhxdhx
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2893a4022fa3e4814b9bbba3fe9dbd9a

Headers

File Characteristics

Imports

user32

ole32

oledlg

advapi32

kernel32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 280KB - Virtual size: 368KB

.lhxdhx Size: 120KB - Virtual size: 120KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 280KB - Virtual size: 368KB

.lhxdhx
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 2KB