3d8abc99ecdd19cb568a0e6d4cdb8317_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d8abc99ecdd19cb568a0e6d4cdb8317_JaffaCakes118
Size

146KB
MD5

3d8abc99ecdd19cb568a0e6d4cdb8317
SHA1

d1dcb773cb13df49ae49cd9e07041ab6fbb3bdbd
SHA256

7243c4ebaf93db00560c8d551c82ce13738bee6295d70a0730093e3e30509d17
SHA512

364361bbe069f811cc1fe7d90e8b694e1a99e13041f43acb7250b913d43de8450f5c150e8b9be959c99244bde34ee4a62b459650d1dd3df627f84b41177438a0
SSDEEP

3072:+CD2itQuqlTr8nlgnPaznJ00cuis6RbIx6nGy9XIJHzDKhnhPPKjYPOxd+VJl3Kd:bD1tTqFrYlzmx5bdnGzT0PPBgGl30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d8abc99ecdd19cb568a0e6d4cdb8317_JaffaCakes118

Files

3d8abc99ecdd19cb568a0e6d4cdb8317_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80d164298baf50c0f10cd772ab9b8afb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
CreateEventA
CreateEventW
SetEvent
ResetEvent
FindFirstFileA
FindNextFileA
FindClose
GetThreadLocale
MulDiv
FileTimeToLocalFileTime
SetCurrentDirectoryA
RemoveDirectoryA
DuplicateHandle
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetTickCount
IsBadWritePtr
FindFirstFileW
FindNextFileW
CompareStringW
DisableThreadLibraryCalls
WriteConsoleA
GetEnvironmentStringsW
GetSystemDirectoryA
CreateMutexA
ReleaseMutex
GetExitCodeProcess
UnmapViewOfFile
MapViewOfFile
GlobalAlloc
FindResourceA
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
CreateFileW
ReadFile
WriteFile
GetFileSize
CloseHandle
GetVersionExA
GetStringTypeExA
IsDBCSLeadByte
GetEnvironmentStrings
CreateThread
GetCurrentThreadId
ResumeThread
ExitThread
TerminateThread
VirtualAlloc
GetStringTypeA
FileTimeToSystemTime
VirtualFree
WideCharToMultiByte
GetConsoleMode
IsBadCodePtr
GetStartupInfoW
SetEndOfFile
SetFileAttributesW
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
LoadLibraryA
LoadLibraryW
GetProcAddress
GetSystemDefaultLCID
VirtualProtect
GetDateFormatA
InterlockedCompareExchange
GetConsoleOutputCP
CreateFileA
GetCommandLineA
FlushFileBuffers
LocalFileTimeToFileTime
GlobalHandle
ExitProcess
GetFileAttributesA
SetThreadPriority
SetErrorMode
LocalFree
VirtualQuery
GetTempFileNameA
GetSystemTimeAsFileTime
GetOEMCP
GetCurrentThread
GetExitCodeThread
IsValidCodePage
GetStartupInfoA
DeleteFileA
GetTempPathA
CreateProcessW
DeviceIoControl
GetUserDefaultLangID
GetCommandLineW
LCMapStringA
lstrcpyA
InterlockedExchange
LoadLibraryExA
lstrcmpiA
GlobalReAlloc
SetFileTime
lstrlenA

msvcrt

_controlfp
__mb_cur_max
_onexit
strncat
_setjmp
iswdigit
_umask
wcstol
strstr
printf
_stricmp
_osver
sprintf
__setusermatherr
localeconv
_strdup
_CIsqrt
strtoul
strcspn
_open_osfhandle
towupper
isxdigit
sin
_iob
wcscat
_purecall
_pipe
_kbhit
fread
_wcsupr
free
_stat
rewind
_fileno
_vsnwprintf
remove
__p__commode
strrchr
isleadbyte
strtok
__getmainargs
fflush
sqrt
atexit
malloc
isdigit
log
strcpy
_assert
strtol
__initenv
_fullpath
_vsnprintf
_setjmp3
fopen
wcslen
signal
__pioinfo
strncpy
ceil
_setmode
_ismbblead
strcat
strchr
wcsncpy
_unlink
_close
wcscspn
_unlock
_strcmpi
__p__fmode
__set_app_type
realloc
_wtol
_mktemp
wcsncmp
swprintf
_getcwd
_adjust_fdiv
_mbscmp
fgetpos
cos
setlocale
sscanf
perror
calloc
_getch
fputs
ftell
_wcslwr
strncmp
_c_exit
__CxxFrameHandler
atol
_acmdln
_mbsrchr
memchr
fsetpos
_wfopen
ctime
_pctype
_snwprintf
isspace
wcstombs
_lseek
_amsg_exit
_chmod
__p___initenv
fclose
getenv
clock
rand
_lock
__badioinfo
clearerr
abort
_isctype
_beginthreadex
puts
_filbuf
srand
_wcsnicmp
rename
_CIpow
_dup
ungetc
__p__environ
time
_itoa
toupper
floor
_get_osfhandle
strcmp
_cexit
localtime
fgets
_flsbuf
_strnicmp
atoi
strspn
wcsstr
__lc_codepage
_ftol
_mbsicmp
wcsrchr
vsprintf
_fstat
strerror
wcscmp
_lseeki64
longjmp
_filelengthi64
_initterm
_mkdir
fseek
_open
_snprintf
_write
fgetc
tolower
gmtime
_dup2
_wtoi
_fdopen
exit
wctomb
_wcsicmp
_putenv
pow
_errno
_getpid
putchar
_isatty
wcstoul
wcschr
fprintf
_ultoa
strpbrk
_utime
memcpy
__dllonexit
iswspace
memset
_except_handler3
swscanf
_XcptFilter
memmove
_itow
_exit
atof
bsearch
fputc
memcmp
iswctype

user32

SetScrollRange
EqualRect
GetSystemMetrics
DispatchMessageA
InsertMenuA
GetMessagePos
ClientToScreen
GetCursorPos
wsprintfA
GetScrollRange
SetPropA
WaitMessage
GetWindow
SendDlgItemMessageA
DefWindowProcA
EmptyClipboard
GetKeyboardType
GetFocus
DestroyWindow
SetWindowTextA
GetScrollInfo
IsWindowEnabled
MapWindowPoints
OemToCharA
PeekMessageA
GetScrollPos
GetForegroundWindow
IsZoomed
DestroyCursor
GetMenuItemCount
ShowWindow
FindWindowA
EndDialog
ReleaseDC
MessageBoxA
SetRect
GetTopWindow
PtInRect
CallWindowProcA
DrawIconEx
CallNextHookEx
InvalidateRect
LoadBitmapA
PostQuitMessage
SystemParametersInfoA
IsDialogMessageA
OpenClipboard
SendMessageA
GetLastActivePopup
InsertMenuItemA
RegisterWindowMessageA
GetWindowPlacement
SetScrollInfo
CharLowerA
SetCursor
FillRect
SetFocus
FrameRect
RemovePropA
GetActiveWindow
GetMenu
GetMenuStringA
GetWindowRect
CreateWindowExA
InflateRect
IntersectRect
EndPaint
GetWindowDC
ReleaseCapture
GetWindowLongA
DestroyMenu
WindowFromPoint
EnableMenuItem
SetClassLongA
GetCapture
SetScrollPos
EnumThreadWindows
GetPropA
GetClassNameA
UnregisterClassA
GetDC
DeleteMenu
DrawFrameControl
GetKeyState
UnhookWindowsHookEx
GetParent
EnableWindow
KillTimer
GetSubMenu
IsWindowVisible
GetSystemMenu
DrawMenuBar
SetWindowPlacement
SetWindowLongA
IsWindow
DestroyIcon
DialogBoxParamA
GetDCEx
WinHelpA
BeginPaint
GetWindowThreadProcessId
ShowCursor
GetIconInfo
DrawEdge
TrackPopupMenu
ScreenToClient
GetClientRect
IsChild
OffsetRect
RedrawWindow
TranslateMessage
SetForegroundWindow
RegisterClassA
CreateMenu
GetSysColor
ShowOwnedPopups
GetDesktopWindow
IsRectEmpty
SetCapture
MessageBeep
GetDlgItem
GetSysColorBrush
LoadIconA
CloseClipboard
GetMenuState
GetWindowTextA
LoadStringA
RemoveMenu
SetClipboardData
RegisterClipboardFormatA
GetMenuItemID
ScrollWindow
SetTimer
SetActiveWindow
UpdateWindow
LoadCursorA
AdjustWindowRectEx
DrawIcon
CreatePopupMenu
PostMessageA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80d164298baf50c0f10cd772ab9b8afb

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 1KB - Virtual size: 4KB