3cf99e2bf687bb9a26e53a83441ac94e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cf99e2bf687bb9a26e53a83441ac94e_JaffaCakes118
Size

260KB
MD5

3cf99e2bf687bb9a26e53a83441ac94e
SHA1

b241f61432760bcc525ca69e8e7468cc34c1f5cf
SHA256

324d95559a44bdd84b3b96e79439a250dfd07989ffa7fd968c5589fc547e151a
SHA512

ff26cb43d6392291b5bdeeeb376d1a486ca29229911eea89d4857a569a6f25283f572509d7306d86d38f878043915f4040cc16b9581dc226d142e2f60d9934b7
SSDEEP

6144:h/A4ovIlaB++st0Eq3gZzweWIYhQpPuWFZ:h/VovIEB++suxgZJWI/PF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cf99e2bf687bb9a26e53a83441ac94e_JaffaCakes118

Files

3cf99e2bf687bb9a26e53a83441ac94e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e32deb3006ec4ce49853ad1b552bf505

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryInfoA
InternetGetCertByURL
InternetErrorDlg
InternetDialA
FindNextUrlCacheContainerW

advapi32

CryptGetKeyParam
RegNotifyChangeKeyValue
CreateServiceW
RevertToSelf
RegQueryValueExA
InitiateSystemShutdownA
CryptSignHashA
LookupSecurityDescriptorPartsA
RegEnumValueA
CryptVerifySignatureW
StartServiceW
CryptDestroyKey
RegQueryMultipleValuesW
CryptDecrypt
CryptDestroyHash
CryptCreateHash
LookupPrivilegeNameA
CryptSetProviderA

shell32

RealShellExecuteA
SHFileOperationW
SHGetFileInfoW
SHBrowseForFolderA

user32

RegisterClassA
ExcludeUpdateRgn
ScrollWindow
FindWindowExA
DefWindowProcW
GetWindowTextLengthW
ToUnicode
ShowWindow
CreateWindowExW
DrawFocusRect
GetUserObjectInformationA
InvalidateRgn
RegisterClassExA
CharToOemBuffW
GetMenuItemInfoA
GetWindowTextA
GetMenuStringW
MessageBoxA
PostThreadMessageA
BroadcastSystemMessageW
DestroyWindow
DrawCaption
SystemParametersInfoW
GetProcessDefaultLayout
OpenClipboard
GetQueueStatus
DlgDirSelectExA

kernel32

IsValidLocale
GetCommandLineA
HeapFree
GetEnvironmentStringsW
SetLastError
GetSystemTimeAsFileTime
VirtualQuery
UnhandledExceptionFilter
GetEnvironmentStrings
HeapAlloc
GetCurrentThreadId
MultiByteToWideChar
TlsFree
GetFileType
QueryPerformanceCounter
HeapCreate
GetTickCount
SetStdHandle
GetUserDefaultLCID
RtlUnwind
CreateMutexA
HeapDestroy
GetLocaleInfoW
VirtualFree
GetStringTypeW
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
EnterCriticalSection
FreeEnvironmentStringsW
GetDateFormatA
GetCurrentThread
VirtualAlloc
TerminateProcess
SetHandleCount
LCMapStringA
GetStringTypeA
GetTimeFormatA
OpenMutexA
SetFilePointer
GetTimeZoneInformation
GetCurrentProcessId
TlsGetValue
IsBadWritePtr
IsValidCodePage
CloseHandle
WideCharToMultiByte
EnumSystemLocalesA
ExitProcess
DeleteCriticalSection
GetACP
GetSystemInfo
HeapSize
InterlockedExchange
TlsSetValue
GetModuleFileNameA
CompareStringW
SetEnvironmentVariableA
GetStartupInfoA
CompareStringA
ReadFile
GetCurrentProcess
InitializeCriticalSection
GetVersionExA
HeapReAlloc
TlsAlloc
GetModuleHandleA
FindFirstFileW
GetPrivateProfileIntW
LoadLibraryA
GetLastError
WriteFile
GetStdHandle
FlushFileBuffers
GetProcAddress
LeaveCriticalSection
LCMapStringW
GetLocaleInfoA
VirtualProtect

gdi32

PolyTextOutW
SetColorSpace
CreateDIBPatternBrushPt
SetPixelFormat
ExtCreateRegion
SetColorAdjustment
InvertRgn
CreatePalette
GetNearestColor
SetWorldTransform
CreateDCA
GetCharWidth32A
SetTextCharacterExtra
GetCharABCWidthsFloatA
GdiPlayDCScript
CheckColorsInGamut

comctl32

InitMUILanguage
DrawInsert
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_AddIcon
ImageList_DragMove

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e32deb3006ec4ce49853ad1b552bf505

Headers

File Characteristics

Imports

wininet

advapi32

shell32

user32

kernel32

gdi32

comctl32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 88KB - Virtual size: 110KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 88KB - Virtual size: 110KB

.rsrc
Size: 16KB - Virtual size: 15KB