3e57b3c91777bc3e8e758d294ccdc02b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e57b3c91777bc3e8e758d294ccdc02b_JaffaCakes118
Size

660KB
MD5

3e57b3c91777bc3e8e758d294ccdc02b
SHA1

2f773c421ecc1725ebf9c6aafa44166dc665dace
SHA256

aca845bb3e4db79d6c7111c58442f59f0a8c45881adb3159f621f8a2712e00b9
SHA512

a344ce8809656e4cdc2f953422c748c2c055c067375055d2bd8254f79aad752e553f5a8db042fd994980362d955c487b4ffbb3c6931fcb4669a495b39cf6b2e4
SSDEEP

12288:Y03pQ4CWceLUgsBMX7K7g+6EjSwS2jlv+zjIEiVmAnrAk8:ppfeRBUe7N6nh2p8IEqmg8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e57b3c91777bc3e8e758d294ccdc02b_JaffaCakes118

Files

3e57b3c91777bc3e8e758d294ccdc02b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5a7d05a062e93e77fe152f17ada88dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\seeabeia.pdb

Imports

comdlg32

ChooseColorA
FindTextA
PageSetupDlgA

kernel32

GetCommandLineA
WriteFile
GetSystemDefaultLCID
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetSystemTimeAsFileTime
TlsFree
ExitProcess
MoveFileExW
VirtualAlloc
GetConsoleMode
InterlockedDecrement
VirtualQuery
GetConsoleOutputCP
GetFullPathNameA
GetDateFormatA
LeaveCriticalSection
QueryPerformanceCounter
LCMapStringA
SetStdHandle
HeapAlloc
CompareStringW
WriteConsoleOutputAttribute
GetCurrentThread
OpenMutexA
GetModuleHandleW
ReadFile
SetEnvironmentVariableA
GetFileType
SetLastError
EnterCriticalSection
SetWaitableTimer
MultiByteToWideChar
WriteConsoleA
HeapCreate
GetStdHandle
GetSystemTime
CreateMutexA
HeapFree
GetCurrentProcessId
FreeEnvironmentStringsW
GetSystemDefaultLangID
FreeLibrary
GetCurrentThreadId
SetConsoleCtrlHandler
Sleep
GetModuleFileNameW
SetUnhandledExceptionFilter
IsValidLocale
GetProcAddress
GetStringTypeW
lstrcpyn
GetTimeFormatA
InterlockedIncrement
GetLastError
TlsAlloc
SetHandleCount
EnumSystemLocalesA
InterlockedExchange
GetTimeZoneInformation
GetEnvironmentStringsW
UnhandledExceptionFilter
FlushFileBuffers
LoadLibraryA
GetLocaleInfoW
CloseHandle
VirtualFree
HeapSize
HeapDestroy
LCMapStringW
CreateFileA
CompareStringA
HeapReAlloc
GetCPInfo
DeleteFileA
GetPrivateProfileStringA
WriteProfileStringW
GetOEMCP
RtlUnwind
SetFilePointer
IsValidCodePage
EnumDateFormatsA
GetTickCount
GetCommandLineW
TerminateProcess
TlsSetValue
GetStartupInfoW
DeleteCriticalSection
MapViewOfFile
GetCurrentProcess
GetModuleFileNameA
WideCharToMultiByte
GetUserDefaultLCID
GetLocaleInfoA
WriteConsoleW
GetACP
IsDebuggerPresent
TlsGetValue
GetConsoleCP
GetStartupInfoA
GetModuleHandleA

comctl32

InitCommonControlsEx
ImageList_Duplicate

user32

DestroyWindow
IsCharAlphaA
ShowWindow
RegisterClassA
GetUserObjectSecurity
GetUpdateRgn
SetLastErrorEx
CreateIcon
GetAsyncKeyState
GetWindowWord
SetCaretPos
SetWindowRgn
MessageBoxW
DdeDisconnect
DeferWindowPos
RegisterClassExA
ExcludeUpdateRgn
GetFocus
BeginDeferWindowPos
CreateWindowExW
PostThreadMessageW
SetKeyboardState
EqualRect
SetCapture
IsZoomed
GetKeyboardLayout
DefWindowProcW
SetShellWindow
SendInput
GetClipboardSequenceNumber
SetTimer

advapi32

CryptImportKey
RegQueryValueA
RegConnectRegistryA
LookupAccountSidA
ReportEventA
LookupPrivilegeValueA
CryptGenRandom

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5a7d05a062e93e77fe152f17ada88dc

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

comctl32

user32

advapi32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 304KB - Virtual size: 300KB

.data Size: 128KB - Virtual size: 153KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 304KB - Virtual size: 300KB

.data
Size: 128KB - Virtual size: 153KB

.rsrc
Size: 44KB - Virtual size: 41KB