3ce3e9cf2c4f9b71850fad1c8b541a0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ce3e9cf2c4f9b71850fad1c8b541a0e_JaffaCakes118
Size

660KB
MD5

3ce3e9cf2c4f9b71850fad1c8b541a0e
SHA1

0a2ccaf073c2adebc42028db152bccd311dc0dbf
SHA256

12ab409be6417b58f525b83b02f4400e913e360952ff516951b02fd52495e7ac
SHA512

f12efce5a83898bc212f881018473db0ea2397ca939d514c89666eca18f2ce5bfc472a18cc8d468b4b1e110d554f4cc34ed7d219660c8580de0a25420808243a
SSDEEP

12288:2tl4rdpcJqQqtpibbr71UjrCMVDjtpD7spjsM2dTLMjTXc3P:yYQApin2jLVDb7sxB2yc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ce3e9cf2c4f9b71850fad1c8b541a0e_JaffaCakes118

Files

3ce3e9cf2c4f9b71850fad1c8b541a0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3be1d13aad220e954463582294a1b8fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\abk.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_Copy
ImageList_Destroy
ImageList_EndDrag
CreateStatusWindow
CreateUpDownControl
ImageList_GetIcon
ImageList_Draw
DrawInsert
CreateMappedBitmap
ImageList_BeginDrag
ImageList_SetFlags
ImageList_Merge
ImageList_GetImageRect
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Create
ImageList_SetImageCount
CreatePropertySheetPageW
ImageList_LoadImageA
ImageList_SetFilter

wininet

FindFirstUrlCacheGroup
InternetGetLastResponseInfoA
DeleteIE3Cache
InternetReadFileExA
InternetUnlockRequestFile
FreeUrlCacheSpaceA
GetUrlCacheEntryInfoW

comdlg32

FindTextA
GetSaveFileNameA
PageSetupDlgW

user32

MessageBoxA
LoadCursorW
DefFrameProcA
RegisterClassA
ShowWindow
MonitorFromPoint
SetWindowWord
GetGUIThreadInfo
DrawAnimatedRects
DrawFrame
EnumDisplayDevicesW
PostQuitMessage
DdeAddData
GetKeyboardLayoutNameA
DrawTextW
MessageBoxW
CharLowerW
DefWindowProcA
DdeAbandonTransaction
SetCaretBlinkTime
SetScrollInfo
DestroyWindow
CharToOemBuffA
RegisterClassExA
GetWindowModuleFileNameW
InvalidateRgn
TileChildWindows
IsCharUpperW
SetMenuContextHelpId
GetMessageA
CreateWindowExA
GetComboBoxInfo
SetClassLongA
UnpackDDElParam
SendIMEMessageExA
GetPropA
SetCursorPos
UnhookWindowsHook
TileWindows
ClientToScreen
IsIconic
DrawTextA
GetProcessDefaultLayout
VkKeyScanExW
CreateIconFromResourceEx

advapi32

RegSetValueW
CryptEnumProviderTypesA
RegSaveKeyA
RegSetValueExA
CryptDestroyHash
CryptHashSessionKey
CryptDecrypt
RegQueryValueW
RegOpenKeyA
GetUserNameW
StartServiceA
RegFlushKey
RegLoadKeyW
RegQueryMultipleValuesA
RegEnumKeyW
RegReplaceKeyW
CryptVerifySignatureA
LookupSecurityDescriptorPartsW
GetUserNameA
RegOpenKeyW
DuplicateToken

kernel32

FindResourceW
GetSystemInfo
GetModuleHandleW
FillConsoleOutputAttribute
GetModuleFileNameW
GetOEMCP
WaitForSingleObjectEx
GetStringTypeA
CreateDirectoryExA
GetEnvironmentStrings
InterlockedIncrement
IsDebuggerPresent
WritePrivateProfileStringW
GetLocaleInfoW
GetFullPathNameA
GetCommandLineA
GetProcAddress
FreeLibrary
LoadLibraryW
GetCurrentProcess
GetProcessHeaps
GetUserDefaultLCID
GlobalLock
UnhandledExceptionFilter
TerminateProcess
TlsSetValue
SetEnvironmentVariableA
EnumCalendarInfoExA
GetTickCount
CompareStringW
VirtualFree
LeaveCriticalSection
CreatePipe
DeleteCriticalSection
CopyFileExA
SetStdHandle
HeapFree
HeapSize
GetLocaleInfoA
CloseHandle
WriteConsoleW
GetTempPathW
HeapCreate
IsValidCodePage
TlsFree
VirtualQuery
WritePrivateProfileStringA
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
lstrlenA
HeapReAlloc
SetLastError
CreateProcessA
LoadLibraryA
OpenMutexA
ReadConsoleA
InterlockedDecrement
GetModuleHandleA
CreateNamedPipeW
IsBadReadPtr
lstrcmpi
RaiseException
FreeEnvironmentStringsW
SetFilePointer
CreateMutexA
GetPriorityClass
EnterCriticalSection
GetConsoleCP
OutputDebugStringA
CreateDirectoryA
FoldStringA
InterlockedExchange
SetConsoleTextAttribute
GetCurrentThread
GetConsoleMode
CreateFileA
ExitProcess
HeapAlloc
GetConsoleOutputCP
EnumResourceNamesA
InitializeCriticalSectionAndSpinCount
GetStartupInfoA
WritePrivateProfileStructW
TlsGetValue
CreateThread
GetProfileStringA
CreateWaitableTimerW
GetCalendarInfoW
CreateDirectoryW
GetCurrentThreadId
Sleep
FindFirstFileExA
MultiByteToWideChar
GlobalFindAtomW
HeapValidate
GetConsoleScreenBufferInfo
GetTimeZoneInformation
OutputDebugStringW
GetDateFormatA
EnumResourceLanguagesA
FlushFileBuffers
GetSystemTimeAsFileTime
GetFileType
RtlUnwind
GetProfileStringW
SetConsoleCtrlHandler
ReadConsoleOutputCharacterA
QueryPerformanceCounter
GetProcessHeap
SetLocaleInfoW
WriteConsoleA
FindResourceA
WriteFile
OpenEventW
GetTimeFormatA
SetConsoleTitleW
LocalFileTimeToFileTime
GetModuleFileNameA
GetStringTypeW
ExpandEnvironmentStringsW
GetThreadLocale
EnumResourceLanguagesW
GetACP
GetCurrentProcessId
IsValidLocale
TlsAlloc
InterlockedExchangeAdd
VirtualAlloc
GetLastError
GetCPInfo
MoveFileExW
GetDriveTypeA
GetEnvironmentStringsW
EnumSystemLocalesA
FindResourceExW
HeapDestroy
CompareStringA
DebugBreak
GetVersionExA
SetHandleCount
SetFileAttributesW
LCMapStringW
WideCharToMultiByte
LCMapStringA
ReadFile

shell32

SHGetFileInfo
SHGetFileInfoW

Sections

.text
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3be1d13aad220e954463582294a1b8fc

Headers

File Characteristics

PDB Paths

Imports

comctl32

wininet

comdlg32

user32

advapi32

kernel32

shell32

Sections

.text Size: 220KB - Virtual size: 217KB

.rdata Size: 288KB - Virtual size: 286KB

.data Size: 112KB - Virtual size: 122KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 220KB - Virtual size: 217KB

.rdata
Size: 288KB - Virtual size: 286KB

.data
Size: 112KB - Virtual size: 122KB

.rsrc
Size: 36KB - Virtual size: 35KB