3e3ab6660abf153c7cd623bc31ceb30e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e3ab6660abf153c7cd623bc31ceb30e_JaffaCakes118
Size

349KB
MD5

3e3ab6660abf153c7cd623bc31ceb30e
SHA1

b6e790b0fa497deeb073b5065833e8b22e39b863
SHA256

8e09ef15852daa9efebf8257e61f1b87dabad09cfb193932fc43cc8d627e2fe1
SHA512

e5eb8215b6f458c125351b111d1414484f7df788b8a8ac8de4c6c819cadcc8be2796909b7a096bc5fcb14a5d39116bd863eff99dff4f358bca922d787d57b651
SSDEEP

6144:FYrfMhkpGBP1sBT1B4TYACeBXcDtxHyF9GqD7eznq8vblBW7ZhsYICNSf0CxDo:+jX6PYTiCeFExHyF94e8vhgHODfz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e3ab6660abf153c7cd623bc31ceb30e_JaffaCakes118

Files

3e3ab6660abf153c7cd623bc31ceb30e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98f897b9fb4f1e4c18b1d3b5b1a32439

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
DeleteFileW
lstrcpynW
FindResourceExW
LoadResource
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
lstrcpyW
lstrcpyA
SetUnhandledExceptionFilter
GetDriveTypeW
GetSystemDefaultUILanguage
WideCharToMultiByte
SetErrorMode
LeaveCriticalSection
GlobalFree
FreeLibraryAndExitThread
LocalAlloc
MultiByteToWideChar
GetModuleHandleW
SizeofResource
SetCurrentDirectoryW
GetACP
GlobalReAlloc
LocalSize
GetCurrentDirectoryW
FindNextFileW
InterlockedExchange
GetModuleHandleA
GetTickCount
GetFileAttributesW
InterlockedDecrement
lstrlenW
InterlockedIncrement
lstrcmpW
FindResourceA
GetVersionExA
WaitForSingleObject
CreateFileW
InterlockedCompareExchange
GetProfileStringW
GetModuleFileNameW
LocalFree
GlobalAlloc
QueryPerformanceCounter
FreeLibrary
SetLastError
GetVolumeInformationW
lstrcmpiW
LockResource
GetFullPathNameW
GetProcessVersion
FreeResource
GetLastError
TlsAlloc
ExpandEnvironmentStringsW
LocalReAlloc
LoadLibraryA
LoadLibraryW
lstrlenA
EnterCriticalSection
FindClose
DelayLoadFailureHook
GetShortPathNameW
FormatMessageW
GlobalUnlock
MulDiv
CreateEventW
DeleteCriticalSection
GetUserDefaultLCID
ResetEvent
TerminateProcess
GlobalLock
FindFirstFileW
GetLocaleInfoW
GetTempFileNameW
FindResourceW
DisableThreadLibraryCalls
CreateThread
TlsFree
TlsSetValue
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcessId
TlsGetValue
UnhandledExceptionFilter
CloseHandle
SetEvent

dnsapi

DnsReplaceRecordSetW

ntdll

NtQueryVirtualMemory
wcslen
_wcsicmp
_chkstk
memmove
RtlUnwind
RtlUnicodeStringToAnsiString
NtAllocateVirtualMemory
RtlUnicodeToMultiByteSize
RtlAnsiStringToUnicodeString
RtlInitUnicodeStringEx
RtlIsNameLegalDOS8Dot3

rpcrt4

RpcBindingFromStringBindingW
RpcBindingFree
RpcEpResolveBinding
RpcStringBindingComposeW
RpcStringFreeW
I_RpcExceptionFilter
NdrClientCall2
RpcBindingSetAuthInfoExW

comctl32

CreateToolbarEx
PropertySheetW
ImageList_GetIconSize
CreatePropertySheetPageW
FlatSB_GetScrollPos
ImageList_Destroy
ImageList_Draw

advapi32

RegCloseKey
RegEnumValueW
RegQueryValueW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA

gdi32

GetMapMode
TranslateCharsetInfo
GetTextMetricsW
GetTextCharsetInfo
CreateRectRgnIndirect
GetStockObject
GetTextExtentPointW
GetDeviceCaps
Rectangle
SelectClipRgn
RealizePalette
SelectPalette
CreateICW
ExtTextOutW
CreateDIBitmap
LineTo
CreateDiscardableBitmap
GetObjectW
BitBlt
GetNearestColor
CreateFontIndirectW
DeleteDC
EnumFontFamiliesExW
CreateFontW
TextOutW
SetWindowExtEx
SelectObject
SetBkColor
CreatePen
SetViewportExtEx
SetMapMode
SetTextColor
MoveToEx
SetBkMode
DeleteObject
CreateCompatibleBitmap
GetWindowExtEx
PatBlt
GetCharWidth32W
ExcludeClipRect
CreateSolidBrush
GetViewportExtEx
CreateDCW
CreateCompatibleDC
GetTextCharset

mswsock

AcceptEx
GetAcceptExSockaddrs

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98f897b9fb4f1e4c18b1d3b5b1a32439

Headers

File Characteristics

Imports

kernel32

dnsapi

ntdll

rpcrt4

comctl32

advapi32

gdi32

mswsock

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 10KB - Virtual size: 1.0MB

.rdata Size: 119KB - Virtual size: 119KB

.rsrc Size: 173KB - Virtual size: 173KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 10KB - Virtual size: 1.0MB

.rdata
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 173KB - Virtual size: 173KB

.reloc
Size: 512B - Virtual size: 20B