3ce904caba3d3ce1aa2051ea1ccf5909_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3ce904caba3d3ce1aa2051ea1ccf5909_JaffaCakes118
Size

157KB
MD5

3ce904caba3d3ce1aa2051ea1ccf5909
SHA1

0ed7861622ca9dd74f92e79c2e232d429298488d
SHA256

bf9a5e4eacbfbb4078a68f1b67bf247408eaab527ad04eda83fa4f3d0f9aeb30
SHA512

80dcba6078cfd0a3310394380b1e0ac01bbc160b6530157b610f02a4bde11b81d176fd573ceff7434614da2c0c78587ecc897e25d8abb4cbdba51f8c532ba196
SSDEEP

1536:8NQTvUS5YiAKDRKlSyQ3Y2pVVZ/BtBCdTidC:4KWirDaV2p1v6i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ce904caba3d3ce1aa2051ea1ccf5909_JaffaCakes118

Files

3ce904caba3d3ce1aa2051ea1ccf5909_JaffaCakes118
.exe windows:1 windows x86 arch:x86

56b230aa8ff29415ef714c1fca2ecc75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetSystemTimeAsFileTime
InitializeCriticalSection
GetModuleFileNameA
lstrcmpiW
lstrlenW
CloseHandle
LoadLibraryW
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetTickCount
lstrlenW
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcess
LoadLibraryW
GetSystemTimeAsFileTime
FreeLibrary
GetModuleFileNameA
Sleep
GetProcAddress
GetModuleHandleW
GetModuleHandleW
HeapReAlloc
GetStartupInfoW
GetTickCount
TerminateProcess
EnterCriticalSection
lstrcmpiW
CreateFileW
GetModuleHandleA
LoadLibraryW
WideCharToMultiByte
lstrlenW
GetCurrentProcess
GetStartupInfoW
WideCharToMultiByte
CloseHandle
CreateThread
GetACP
WaitForSingleObject
WriteFile
GetACP
MultiByteToWideChar
HeapFree
FormatMessageW
QueryPerformanceCounter
MultiByteToWideChar
Sleep
MultiByteToWideChar
TerminateProcess
InterlockedIncrement
GetModuleHandleA
GetCommandLineA
GetProcAddress
GetSystemTimeAsFileTime
FreeLibrary
TerminateProcess
CreateThread
ReadFile
ReadFile
GetModuleFileNameA
HeapDestroy
GetProcessHeap
GetProcessHeap
GetModuleHandleA
GetCommandLineA
SetUnhandledExceptionFilter
FormatMessageW
HeapFree
DeleteCriticalSection
WideCharToMultiByte
GetSystemTimeAsFileTime
TerminateProcess
lstrlenW
EnterCriticalSection
GetModuleHandleA
WriteFile
GetStartupInfoW
CloseHandle
WriteFile
QueryPerformanceCounter
GetStartupInfoW
LeaveCriticalSection
InterlockedIncrement
lstrcpyW
GetVersionExA
GetVersionExA
GetACP
TerminateProcess
SetEvent
GetStartupInfoW
CreateThread
GetACP
WriteFile
GetACP
CreateFileW
SetFilePointer
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
HeapAlloc
CreateFileW
GetStartupInfoW
InterlockedDecrement
GetProcessHeap
WriteFile
HeapDestroy
GetModuleHandleW
CreateFileW
ExitProcess
VirtualAlloc
lstrcmpiW
InterlockedDecrement
DeleteCriticalSection
QueryPerformanceCounter
HeapFree
GetModuleFileNameA
GetStartupInfoA
InitializeCriticalSection
Sleep
WriteFile
GetStartupInfoA
LocalAlloc
VirtualFree
Sleep
GetTickCount
GetProcAddress
HeapFree
GetLastError
lstrlenW
GetCommandLineA
LoadLibraryW
lstrcpyW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
TerminateProcess
lstrcmpiW
ReadFile
VirtualAlloc
WriteFile
ReadFile
GetCurrentThreadId
WaitForSingleObject
LocalAlloc
SetFilePointer
GetProcessHeap
GetSystemTimeAsFileTime
GetStartupInfoW
ReadFile
Sleep
InitializeCriticalSection
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetACP
GetModuleFileNameA
InterlockedIncrement
LoadLibraryA
Sleep
HeapAlloc
GetCurrentProcess
GetProcAddress
UnhandledExceptionFilter
WriteFile
GetStartupInfoA
GetStartupInfoW
GetModuleFileNameA
InitializeCriticalSection
GetProcessHeap
SetEvent
GetCurrentProcessId
LocalAlloc
GetProcAddress
SetLastError
LoadLibraryW
WaitForSingleObject
GetSystemTimeAsFileTime
lstrlenW
GetModuleHandleW
LeaveCriticalSection
SetUnhandledExceptionFilter
FreeLibrary
LoadLibraryA
FreeLibrary
GetCurrentThreadId
WriteFile
FormatMessageW
HeapFree
TerminateProcess
GetTickCount
GetModuleHandleW
LoadLibraryW
HeapDestroy
TerminateProcess
HeapFree
GetCurrentProcess
WideCharToMultiByte
GetCurrentProcessId
VirtualFree
ReadFile
HeapFree
HeapFree
DeleteCriticalSection
LoadLibraryW
LocalAlloc
InterlockedIncrement

Sections

�text
Size: 138KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

�idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

56b230aa8ff29415ef714c1fca2ecc75

Headers

File Characteristics

Imports

kernel32

Sections

�text Size: 138KB - Virtual size: 152KB

�idata Size: 5KB - Virtual size: 8KB

�idata Size: 4KB - Virtual size: 4KB

�idata Size: 2KB - Virtual size: 4KB

�vmp0 Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�text
Size: 138KB - Virtual size: 152KB

�idata
Size: 5KB - Virtual size: 8KB

�idata
Size: 4KB - Virtual size: 4KB

�idata
Size: 2KB - Virtual size: 4KB

�vmp0
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB