3cfb0f7c182fe55f1b892a7bccc2d3e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cfb0f7c182fe55f1b892a7bccc2d3e7_JaffaCakes118
Size

348KB
MD5

3cfb0f7c182fe55f1b892a7bccc2d3e7
SHA1

2bca1aeddbf8754cd6a1cd84d5368470bb91fd71
SHA256

4f47fa9eec4704a90c55dfc2ccb9a64d3288f969f23028e0dc40351b0c67a57d
SHA512

976d4500fe9a11dfcc736b0dcd80efa2f0f2b24dd1ba15e5a92d3e508e7fa14c5f48079368a50994090a772b78ae7d70e0155744040d68d238f894cf7fb53bce
SSDEEP

6144:OZPBKFLy0fhtFTLdbv9TCggoJRHcHI5Hb0Re3J48iyG2PENya:OZ5cyUhHXdD9pRco5H4U54JyvPVa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cfb0f7c182fe55f1b892a7bccc2d3e7_JaffaCakes118

Files

3cfb0f7c182fe55f1b892a7bccc2d3e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0693093f1636b363760beadb6e4b490c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecA
PathFileExistsA

comctl32

InitCommonControlsEx

ws2_32

inet_ntoa
htonl
inet_addr
ntohl

kernel32

RaiseException
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetModuleFileNameA
GetLastError
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
ReadProcessMemory
VirtualProtectEx
WriteProcessMemory
FlushInstructionCache
CreateProcessA
SetProcessAffinityMask
InitializeCriticalSection
VirtualAllocEx
DeleteCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceA
TerminateThread
TerminateProcess
ResumeThread
CloseHandle
GetProcessAffinityMask
lstrcmpiA
GetCurrentProcess
lstrlenA
FreeResource
GetStringTypeW
GetStringTypeA
SetFilePointer
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
HeapFree
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
GetCPInfo
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
LoadLibraryA
MultiByteToWideChar
ReadFile
LCMapStringA
WideCharToMultiByte
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileA

user32

EnableWindow
EndDialog
SendDlgItemMessageA
DialogBoxParamA
LoadIconA
MessageBoxA
SendMessageA
GetDlgItem

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0693093f1636b363760beadb6e4b490c

Headers

File Characteristics

Imports

shlwapi

comctl32

ws2_32

kernel32

user32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 32KB - Virtual size: 29KB

.vmp0 Size: 220KB - Virtual size: 217KB

.reloc Size: 4KB - Virtual size: 536B

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 32KB - Virtual size: 29KB

.vmp0
Size: 220KB - Virtual size: 217KB

.reloc
Size: 4KB - Virtual size: 536B