3ce68fa4244d19c2c045f406e0c56f4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ce68fa4244d19c2c045f406e0c56f4e_JaffaCakes118
Size

140KB
MD5

3ce68fa4244d19c2c045f406e0c56f4e
SHA1

04dca25dfa01fc8065f7f24c963dbc6f2d8d7c9b
SHA256

b4a23b8298c3a8880db2a809ba176447cc82de0f66d50a58ea2affa5e57aac83
SHA512

e167a113e0517c13d1681886f8a0fadc2f400ddc93d49d02e44aa5bdf8882846de8aa6522102f5108725d233bbe6e0ed54f8aad93e4cc5d8bf0e6e23bacd6514
SSDEEP

1536:HhZ8WZnTxoz7Jii44/r1CSe2a46KKa3568eTKUIt0Q:HUWRC7Jii4y1CSMTOpMjIt0Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ce68fa4244d19c2c045f406e0c56f4e_JaffaCakes118

Files

3ce68fa4244d19c2c045f406e0c56f4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d86a9e37687ea495a97290395cb07cd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
CreateProcessW
GetStartupInfoW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
MultiByteToWideChar
InterlockedDecrement
GetPrivateProfileIntA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetVersionExA
GetLocalTime
GetCurrentThread
SetThreadPriority
lstrcmpiA
CloseHandle
lstrlenA
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetFilePointer
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetLastError
WideCharToMultiByte
LocalFree
RtlUnwind
MoveFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetProcAddress
TerminateProcess
GetCurrentProcess

user32

MessageBoxA
ShowCursor
GetWindowThreadProcessId
IsWindow
wsprintfA
FindWindowExA
SendMessageA
LoadCursorA
SetCursor

advapi32

BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegQueryValueExA
RegCloseKey
GetNamedSecurityInfoA

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHChangeNotify

ole32

CoInitialize
OleRun
CoCreateInstance

oleaut32

SysFreeString
VariantClear
VariantCopy
SysStringLen
SysAllocString
SysStringByteLen
VariantInit
GetErrorInfo

setupapi

SetupDiEnumDeviceInfo
SetupDiOpenClassRegKey
SetupDiGetClassDevsA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d86a9e37687ea495a97290395cb07cd0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

setupapi

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 3KB