3d16d34e82f0584bc38b962b296a2874_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d16d34e82f0584bc38b962b296a2874_JaffaCakes118
Size

452KB
MD5

3d16d34e82f0584bc38b962b296a2874
SHA1

499c317a2c61d17e88ef9421ce7f53d08f968167
SHA256

74dea1e26112a83880dc7562401f3df34758bec7d7e26b934936c4ef3d2f38d1
SHA512

513ca0b6b1cefddcad582d9efe0729992eeb23428b5b4224b3a4f2f4b00258bfc9754852b2e1ea587d311de75a72a7bfabfeed8999f2d46d2ed8fc7df0c73d5f
SSDEEP

12288:K/kmwfzbSpQ0aKQVs41eJ9KlxU0TdR6ygR/6rHwxmkR:I3k6kH+4AJ9KhgRyjGR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d16d34e82f0584bc38b962b296a2874_JaffaCakes118

Files

3d16d34e82f0584bc38b962b296a2874_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da7cb9ca12bad06fa3eba4fb41718a79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegDeleteKeyW
CryptSetHashParam
RegEnumValueA

gdi32

GetTextExtentExPointW
PolyDraw
SetFontEnumeration
GetKerningPairsW
SetICMProfileW
ScaleViewportExtEx
SetPixel
SetRectRgn
GdiSetBatchLimit
SelectClipRgn
CreatePalette
CopyEnhMetaFileW
SetViewportExtEx
EnumFontsA
GetDIBColorTable
LineDDA
CloseFigure
EnumMetaFile

shell32

SHFileOperation
SHInvokePrinterCommandA

comdlg32

ChooseColorW
LoadAlterBitmap
GetFileTitleW
PrintDlgA

kernel32

GetLocaleInfoA
InterlockedDecrement
CompareStringW
GetLocaleInfoW
EnumSystemLocalesA
GetCurrentProcessId
GetProcAddress
TlsAlloc
HeapDestroy
InterlockedExchange
QueryPerformanceCounter
GetTimeFormatA
GetDateFormatA
GetCommandLineW
LeaveCriticalSection
GetModuleHandleA
GetStdHandle
AddAtomW
WriteFileEx
CopyFileA
ExitProcess
GetLastError
FreeLibrary
LoadLibraryA
IsValidLocale
VirtualAlloc
GetModuleFileNameW
GetCurrentProcess
HeapCreate
HeapSize
GlobalFindAtomW
HeapAlloc
GetTimeZoneInformation
GetOEMCP
SetUnhandledExceptionFilter
GetWindowsDirectoryW
VirtualFree
FreeEnvironmentStringsW
HeapReAlloc
IsValidCodePage
GetEnvironmentStringsW
VirtualQuery
SetHandleCount
WriteFile
GetFileAttributesExW
SetEnvironmentVariableA
GetTickCount
TlsSetValue
GetStringTypeW
LCMapStringW
GetPrivateProfileIntA
LCMapStringA
RtlUnwind
CreateMutexA
DeleteCriticalSection
SetLastError
EnterCriticalSection
GetModuleHandleW
MultiByteToWideChar
HeapFree
GetCurrentThread
TerminateProcess
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetACP
GetCPInfo
GetModuleFileNameA
WideCharToMultiByte
TlsGetValue
GetStartupInfoW
GetFileType
CompareStringA
EnumCalendarInfoW
Sleep
GetUserDefaultLCID
GetCurrentThreadId
InterlockedIncrement
IsDebuggerPresent
UnhandledExceptionFilter
GetStringTypeA
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
SetCriticalSectionSpinCount
TlsFree

wininet

ShowClientAuthCerts
FtpGetCurrentDirectoryW
UnlockUrlCacheEntryFile
InternetFindNextFileA
InternetCloseHandle
FtpCommandW
FtpPutFileW
InternetDial
InternetCrackUrlA

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da7cb9ca12bad06fa3eba4fb41718a79

Headers

File Characteristics

Imports

advapi32

gdi32

shell32

comdlg32

kernel32

wininet

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 9KB - Virtual size: 21KB

.data Size: 281KB - Virtual size: 281KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 9KB - Virtual size: 21KB

.data
Size: 281KB - Virtual size: 281KB

.rsrc
Size: 6KB - Virtual size: 6KB