3dc832b6360d4af2dc4a1b7a2fa8e108_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3dc832b6360d4af2dc4a1b7a2fa8e108_JaffaCakes118
Size

362KB
MD5

3dc832b6360d4af2dc4a1b7a2fa8e108
SHA1

d3e646519dbeaf9c20a0d659c7ae8008e601adcc
SHA256

231d2afe5e98e9c9cd5472777eecc12c230957104c7bd87abd5240bb0c92e6e4
SHA512

29b00322b12cd7033aeaa051f3420fefeea6d171560d45398b0fffc2dd948f73d46376741cb264180a3de1f47878a7a5dd0a5b33349eb5eb2c5302d40099933f
SSDEEP

6144:TKdG2F9FApeXwnwvLSWL9DBiXoXWQlYopQQeZniFn3t2rP:UGu9FApeXeyXL9DwXmlVSvZniFn3tA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc832b6360d4af2dc4a1b7a2fa8e108_JaffaCakes118

Files

3dc832b6360d4af2dc4a1b7a2fa8e108_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d4817cb270965497b52c5eca00b9473

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\erwladeysz\wopgamff\

Imports

user32

ReleaseCapture
RegisterClassA
WinHelpA
CreateCaret
UnregisterDeviceNotification
EnumDesktopWindows
RegisterClassExA
LoadKeyboardLayoutA

kernel32

IsDebuggerPresent
GetTimeFormatA
HeapAlloc
GetCPInfo
GetCurrentThread
CloseHandle
ReadFile
VirtualFree
InterlockedDecrement
TlsFree
GetDateFormatA
WriteConsoleW
GetTimeZoneInformation
GetFileType
UnhandledExceptionFilter
CreateFileA
EnterCriticalSection
SetLastError
SetFilePointer
GetStdHandle
TlsGetValue
GetCurrentProcess
GetACP
CreateDirectoryExA
RtlUnwind
WideCharToMultiByte
LCMapStringW
GetEnvironmentStringsW
VirtualAlloc
WriteFile
GetOEMCP
GetCommandLineA
SetConsoleCtrlHandler
OpenMutexA
LeaveCriticalSection
ExitProcess
CompareStringW
TlsAlloc
IsValidLocale
GetStringTypeA
EnumSystemLocalesA
QueryPerformanceCounter
GetConsoleMode
GetEnvironmentStrings
GetProcessHeap
CompareStringA
LoadLibraryA
TlsSetValue
GetModuleFileNameA
CreateMutexA
SetHandleCount
IsValidCodePage
FreeEnvironmentStringsA
GetLocaleInfoA
SetStdHandle
GetUserDefaultLCID
GetConsoleCP
GetModuleHandleA
VirtualQuery
GetStringTypeW
GetTickCount
SetUnhandledExceptionFilter
InitializeCriticalSection
GetProcAddress
HeapSize
MultiByteToWideChar
GetSystemTimeAsFileTime
FreeLibrary
SetEnvironmentVariableA
FlushFileBuffers
WriteConsoleA
InterlockedExchange
HeapCreate
FreeEnvironmentStringsW
GetConsoleOutputCP
GetVersionExA
HeapReAlloc
HeapDestroy
DeleteCriticalSection
HeapFree
GetCurrentProcessId
TerminateProcess
InterlockedIncrement
GetLocaleInfoW
LCMapStringA
Sleep
GetCurrentThreadId
GetStartupInfoA
GetLastError

comctl32

InitCommonControlsEx

advapi32

RegEnumValueW
RegOpenKeyExW
RegEnumKeyA
RegEnumValueA

comdlg32

GetFileTitleA
ChooseColorW
ReplaceTextA

shell32

FreeIconList
ExtractAssociatedIconA

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d4817cb270965497b52c5eca00b9473

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

advapi32

comdlg32

shell32

Sections

.text Size: 236KB - Virtual size: 235KB

.rdata Size: 12KB - Virtual size: 19KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 236KB - Virtual size: 235KB

.rdata
Size: 12KB - Virtual size: 19KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 22KB - Virtual size: 21KB