3ddbbfa546aadd4cd810b2e3b407dd83_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3ddbbfa546aadd4cd810b2e3b407dd83_JaffaCakes118
Size

549KB
MD5

3ddbbfa546aadd4cd810b2e3b407dd83
SHA1

b8278ca3bb622ec2e7278a97465c22bb31520ac7
SHA256

6b2b092d303da67ad3f88105d945419a1b279383c49a407bcb91444e63707f84
SHA512

0c22bea4e435a407b1ea48921eddc78f82e8f4ce416cbbff0e147677cfb5a2ce6ddde02e146b8a672ea46b558de6717c754dd9efde173e8fc3d85591dfd8cb04
SSDEEP

12288:WJfXMWrS+wnpLG+ZHMMq1o5A2ixlxwa6VyUTMYIc08WC:WxXrrS+itG9O8xnwa6hjzWC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ddbbfa546aadd4cd810b2e3b407dd83_JaffaCakes118

Files

3ddbbfa546aadd4cd810b2e3b407dd83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce74a6925a51ddc261552a197e784cc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHAppBarMessage
ExtractAssociatedIconW
ExtractAssociatedIconExW
RealShellExecuteExA

advapi32

GetUserNameA
CryptHashSessionKey
RegQueryInfoKeyW
AbortSystemShutdownW
CryptImportKey
StartServiceA
GetUserNameW
LookupPrivilegeValueA
RegEnumValueA
CryptSetProvParam
RegSetKeySecurity
RegRestoreKeyW
CryptGetKeyParam
CryptVerifySignatureA
RegConnectRegistryA

gdi32

LineTo
PolyDraw
CreatePatternBrush
SetBkMode
CreatePenIndirect
GetDeviceCaps
GetSystemPaletteUse
LineDDA
DeleteMetaFile

comdlg32

PageSetupDlgW
GetFileTitleW

user32

GetScrollBarInfo
RegisterClassExA
RegisterClassA

comctl32

InitCommonControlsEx

kernel32

FreeEnvironmentStringsW
LoadLibraryA
VirtualQuery
GetCPInfo
CompareStringA
GetProcAddress
LCMapStringA
EnterCriticalSection
GetTimeZoneInformation
IsValidLocale
OpenMutexA
GetACP
LCMapStringW
GetCommandLineA
FreeLibrary
GlobalFix
HeapSize
GetTickCount
FreeEnvironmentStringsA
CreateSemaphoreA
SetStdHandle
GetEnvironmentStrings
HeapCreate
GetStartupInfoA
LoadResource
HeapFree
Sleep
GetLocaleInfoA
GetTimeFormatA
GetProcessHeap
DeleteCriticalSection
HeapAlloc
GetCurrentProcess
SetWaitableTimer
GetCurrentThreadId
VirtualFree
GetEnvironmentVariableW
HeapReAlloc
SetLastError
InterlockedExchange
FlushFileBuffers
QueryPerformanceCounter
HeapDestroy
WriteFile
SetConsoleCtrlHandler
IsValidCodePage
FileTimeToDosDateTime
ReadFile
GetConsoleCP
GetStringTypeW
TlsGetValue
TerminateProcess
GetEnvironmentStringsW
InterlockedIncrement
WriteConsoleA
ExitProcess
GetConsoleMode
GetModuleHandleA
TlsAlloc
GetCurrentThread
SetFilePointer
SetUnhandledExceptionFilter
EnumDateFormatsExW
GetConsoleOutputCP
WriteConsoleW
GetFileType
SetHandleCount
InterlockedDecrement
GetProfileIntA
MultiByteToWideChar
CreateMutexA
GetStringTypeA
EnumSystemLocalesA
GetSystemTimeAsFileTime
FreeResource
GetUserDefaultLCID
LeaveCriticalSection
GetLastError
WideCharToMultiByte
EnumCalendarInfoA
GetStdHandle
GetDateFormatA
CompareStringW
GetProfileSectionA
UnhandledExceptionFilter
TlsSetValue
GetOEMCP
IsDebuggerPresent
GetCurrentProcessId
RtlUnwind
TlsFree
GetLocaleInfoW
CloseHandle
InitializeCriticalSection
SetEnvironmentVariableA
CreateFileA
VirtualAlloc
GetVersionExA
GetModuleFileNameA

Sections

.text
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce74a6925a51ddc261552a197e784cc8

Headers

File Characteristics

Imports

shell32

advapi32

gdi32

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 214KB - Virtual size: 213KB

.rdata Size: 10KB - Virtual size: 19KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 214KB - Virtual size: 213KB

.rdata
Size: 10KB - Virtual size: 19KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 8KB - Virtual size: 8KB