3e0228218b40f96e97221139a228d9e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e0228218b40f96e97221139a228d9e2_JaffaCakes118
Size

296KB
MD5

3e0228218b40f96e97221139a228d9e2
SHA1

770e9154397a92357c10bf000e03a5d9889cdde5
SHA256

e1f40c12541e54c2bf2d7f28150c324cd48c325287f78272e70fe2caae8647fe
SHA512

2447f470a9a2d8b300b32c451dd2bd12a66e9bca868859b6f4422c526bfd383fe4a27a68e3911e69a4e901c5da4893b1cbe3806051e0510facc197b0e3ae9b29
SSDEEP

6144:MmxNS8hV42Z/LPiOtY9REnre8dcTiY4awWtTL8:HNS8j42xiOWDEnpO1TtTQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e0228218b40f96e97221139a228d9e2_JaffaCakes118

Files

3e0228218b40f96e97221139a228d9e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec311e008df89960ad12743add7bde1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\on

Imports

kernel32

FindAtomW
GetProcessHeap
LCMapStringW
UnlockFileEx
WriteProfileStringA
FindFirstFileA
GetTempFileNameW
GetEnvironmentStrings
GetDiskFreeSpaceW
GetStringTypeW
EnterCriticalSection
SetCurrentDirectoryW
LoadLibraryA
GetACP
InitializeCriticalSection
GetStdHandle
LeaveCriticalSection
RemoveDirectoryW
GlobalAddAtomW
SetHandleCount
RtlUnwind
IsBadReadPtr
ExitProcess
GetFileType
TlsAlloc
Sleep
GetAtomNameA
SetLastError
DeleteCriticalSection
SetFilePointer
SetEnvironmentVariableA
GetProcAddress
GetCommandLineA
SetConsoleCtrlHandler
GetCurrentThread
InterlockedDecrement
SetEndOfFile
GetConsoleCP
TlsSetValue
FreeEnvironmentStringsA
GetLongPathNameA
IsDebuggerPresent
QueryPerformanceCounter
GetOEMCP
OpenMutexA
InterlockedExchange
GetStartupInfoA
GetLongPathNameW
CompareStringA
TlsGetValue
GetLocaleInfoA
GetStringTypeA
HeapCreate
GetConsoleOutputCP
SetSystemTime
GetTimeFormatW
GetWindowsDirectoryA
HeapFree
OpenFileMappingA
WideCharToMultiByte
lstrcpyW
ExpandEnvironmentStringsA
GetFileAttributesW
VirtualAlloc
VirtualQuery
VirtualLock
CompareStringW
SystemTimeToFileTime
GetTimeFormatA
RtlMoveMemory
IsValidCodePage
GetPrivateProfileSectionA
GetDateFormatA
FileTimeToLocalFileTime
GetVolumeInformationA
CreateFileA
ReadConsoleInputA
TransmitCommChar
OpenFileMappingW
TlsFree
GetCPInfo
OpenMutexW
LCMapStringA
GetConsoleMode
WriteFile
GetCurrentThreadId
CreateMutexA
WriteConsoleA
HeapReAlloc
FlushFileBuffers
GetFileAttributesExW
SetConsoleTextAttribute
OutputDebugStringW
GetVersionExA
GetModuleHandleA
GetLastError
CloseHandle
HeapAlloc
HeapSize
GetCurrentProcessId
UnhandledExceptionFilter
FreeLibrary
GlobalUnfix
GetSystemDefaultLCID
HeapDestroy
SetUnhandledExceptionFilter
SetLocaleInfoW
FreeEnvironmentStringsW
FindAtomA
LockResource
CreateDirectoryA
FileTimeToDosDateTime
GetLocaleInfoW
GetThreadSelectorEntry
GetCurrentProcess
MultiByteToWideChar
GetTickCount
GetUserDefaultLCID
GetTimeZoneInformation
FoldStringW
GetDiskFreeSpaceExW
SetVolumeLabelW
EnumSystemLocalesA
DeleteFileA
GetModuleFileNameA
GetEnvironmentStringsW
DosDateTimeToFileTime
CreateSemaphoreA
CreateToolhelp32Snapshot
ReadFile
InterlockedIncrement
EnumResourceLanguagesA
VirtualFree
VirtualQueryEx
GetSystemDirectoryA
GetSystemDefaultLangID
TerminateProcess
IsValidLocale
GetSystemTimeAsFileTime
lstrcpynW
SetStdHandle
WriteConsoleW
CreateDirectoryExW
HeapValidate
GetLogicalDriveStringsA

gdi32

GetPolyFillMode
SetTextJustification
ResetDCW
ScaleWindowExtEx
GetTextFaceW
CreateScalableFontResourceW
CreateDCA
CreateDCW
EnableEUDC
CreateEllipticRgnIndirect
DeleteObject
CheckColorsInGamut
GetEnhMetaFileW
GetObjectW
DeleteDC
AddFontResourceW
GetCharWidthW
SetGraphicsMode
GetDeviceCaps
SelectObject
GetCharWidthA

comctl32

InitMUILanguage
ImageList_SetImageCount
ImageList_Create
ImageList_GetIconSize
CreateStatusWindowW
CreateMappedBitmap
ImageList_SetOverlayImage
ImageList_DragLeave
ImageList_DragEnter
ImageList_SetIconSize
ImageList_Write
ImageList_GetBkColor
InitCommonControlsEx
ImageList_GetDragImage

user32

IsCharUpperA
GetWindowPlacement
GetUpdateRect
DrawMenuBar
CascadeChildWindows
AnimateWindow
GetClassInfoW
IsCharLowerA
DdeConnectList
WindowFromDC
CreatePopupMenu
OemToCharA
SetTimer
GetTabbedTextExtentA
ExcludeUpdateRgn
EndMenu
GetShellWindow
ActivateKeyboardLayout
RegisterClassExA
GetDCEx
InsertMenuItemA
GetMessageExtraInfo
EnumThreadWindows
GetKeyboardLayoutNameA
GetClassInfoExA
GetClassNameW
CallMsgFilterW
OemToCharW
VkKeyScanExA
GetKeyboardLayoutNameW
CharToOemW
GetMessagePos
DefMDIChildProcW
IsDlgButtonChecked
EndTask
DestroyMenu
OpenInputDesktop
GetMenuBarInfo
ShowScrollBar
ScrollDC
GetOpenClipboardWindow
DefWindowProcA
RegisterClassA
GetAsyncKeyState
GetClipCursor
wvsprintfW
ChangeDisplaySettingsExW
GetWindowWord
EndPaint
CharUpperA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec311e008df89960ad12743add7bde1b

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

user32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 92KB - Virtual size: 106KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 92KB - Virtual size: 106KB

.rsrc
Size: 48KB - Virtual size: 45KB