3deb0d7414f08b78dcc1b3cf4fc7fb09_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3deb0d7414f08b78dcc1b3cf4fc7fb09_JaffaCakes118
Size

102KB
MD5

3deb0d7414f08b78dcc1b3cf4fc7fb09
SHA1

c0d1e6f00ae6a8a70b2072307c769b1d32c353f3
SHA256

61421a8504ff19c39a2feb964e3e51212ad0afa4ce83db92b0ddd2cee6b40977
SHA512

c4909130963f1eecac9a53b67cc2256de16b1e874ec13f3d42c069da38dd7d7b8cd38460daf2655126e6c0465e9e6f9da884038896e3e21288a324dcae96d018
SSDEEP

1536:bdpz3zMRkvvzr2U0fZLlaT0S1sAjyrB2IUAt/smXpSkvcYjaUEaR8zdQ:ToR+rKU0xLlgBT423mskrjaUEc8x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3deb0d7414f08b78dcc1b3cf4fc7fb09_JaffaCakes118

Files

3deb0d7414f08b78dcc1b3cf4fc7fb09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8627dd85530698478787d9ba46883645

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LockResource
LoadResource
DeleteFileA
CreateFileA
GetTempFileNameA
GetTempPathA
GetShortPathNameA
CreateDirectoryA
CloseHandle
MultiByteToWideChar
SizeofResource
FindResourceA
GetModuleHandleA
GetModuleFileNameA
TerminateProcess
GetProcAddress
GetCurrentProcess
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
HeapSize
HeapReAlloc
ReadFile
SetEndOfFile
LoadLibraryA
RtlUnwind
GetWindowsDirectoryA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
GetLastError
HeapAlloc
ExitProcess
WideCharToMultiByte
GetCPInfo
UnhandledExceptionFilter
IsBadReadPtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetACP
GetOEMCP
HeapDestroy
GetFileType
GetStdHandle
HeapCreate

user32

EndDialog
MessageBoxA
SetDlgItemTextA
SetWindowTextA
GetDlgItemTextA
SetWindowPos
DialogBoxParamA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

SHBrowseForFolderA
ord195
SHGetPathFromIDListA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

version

VerInstallFileA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8627dd85530698478787d9ba46883645

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 11KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 55KB - Virtual size: 55KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 11KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 55KB - Virtual size: 55KB

.reloc
Size: 6KB - Virtual size: 5KB