3e628b7649e2b37870a35b80715b2a08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e628b7649e2b37870a35b80715b2a08_JaffaCakes118
Size

589KB
MD5

3e628b7649e2b37870a35b80715b2a08
SHA1

1559dd19502100596fb0f56a2d5a7756ad954e28
SHA256

4c5db79eb69c8765d465b4986ffba971cdc0d39209c7008e633665639a8f593d
SHA512

e6e1040c581684b4c9f81dd950cba3c88f4f456d778537729fed256644cdafbeec08c48c2356b09f0db9dd10f62a34123cab715a84a206ceaea911e2f88e0519
SSDEEP

12288:cAV5WgxAxgHzI2vkkfMwL1ecseQxxIQLyxuD:c3qMkzzTkeQLyxw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e628b7649e2b37870a35b80715b2a08_JaffaCakes118

Files

3e628b7649e2b37870a35b80715b2a08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f329f7c0ca078872fee60837b8816046

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
GetThreadPriority
SearchPathW
CreateEventA
GetOEMCP
WriteConsoleOutputW
CreateNamedPipeW
SetFileTime
lstrcatW
GetComputerNameW
EnumCalendarInfoA
GetCommModemStatus
OutputDebugStringA
SetConsoleOutputCP
ClearCommBreak
ExitThread
EnumTimeFormatsW
PeekConsoleInputW
FormatMessageW
SetEndOfFile
GetSystemInfo
GetBinaryTypeW
GetStartupInfoA
GetSystemTimeAsFileTime
ReadFile
SetProcessAffinityMask
GetDateFormatA
FreeLibraryAndExitThread
ConnectNamedPipe
WriteFile
SetConsoleCursorPosition
SetConsoleActiveScreenBuffer
_lopen
SystemTimeToFileTime
GetCompressedFileSizeW
WritePrivateProfileStructA
GetNumberFormatW
FindResourceExW
SetCurrentDirectoryA
_hread
LocalAlloc
SetEnvironmentVariableA
GetPrivateProfileStringA
SetProcessWorkingSetSize
FindResourceExA
GetSystemTime
GetCommState
CreateIoCompletionPort
GetTapeParameters
CreateDirectoryExA
GetTapeStatus
FatalAppExitA
DosDateTimeToFileTime
InitializeCriticalSection
GetTimeZoneInformation
GetConsoleCursorInfo
OpenFile
SetHandleCount
FlushConsoleInputBuffer
LocalFileTimeToFileTime
ReleaseMutex
DuplicateHandle
SetNamedPipeHandleState
GetSystemDirectoryW
MoveFileExA
PeekNamedPipe
GetModuleHandleA
WritePrivateProfileStringA
ExitProcess

user32

ChangeDisplaySettingsExA
SetWinEventHook
GetUpdateRgn
IsCharAlphaA
AdjustWindowRect
LoadImageA
SendMessageTimeoutA
ShowScrollBar
CharNextW
GetProcessDefaultLayout
MapDialogRect
FrameRect
GetMenuItemInfoA
GetFocus
GetSysColorBrush
SetWindowsHookW
LoadIconW
WinHelpW
EmptyClipboard
SetWindowContextHelpId
GetWindowPlacement
MsgWaitForMultipleObjects
GetNextDlgTabItem
SetDlgItemTextW
InvalidateRgn

gdi32

SetAbortProc
StrokeAndFillPath
BeginPath
ExtEscape
GetGlyphOutlineA
AddFontResourceW
SetMapperFlags
GetDeviceCaps
GetPixel
SetTextColor
UpdateColors
SetDIBits

comdlg32

GetFileTitleW
FindTextA

advapi32

EqualSid
GetFileSecurityW
CloseServiceHandle
QueryServiceStatus
ImpersonateSelf
GetSecurityDescriptorGroup
NotifyChangeEventLog
BuildTrusteeWithSidW
RegRestoreKeyW
GetSecurityInfo
EnumDependentServicesW
GetPrivateObjectSecurity
CryptImportKey
SetNamedSecurityInfoA
LookupPrivilegeValueA
GetNamedSecurityInfoA
GetSidSubAuthorityCount

shell32

SHGetSpecialFolderLocation
ExtractIconExW
DragAcceptFiles

ole32

CreateStreamOnHGlobal
ProgIDFromCLSID
OleConvertIStorageToOLESTREAM
CoFileTimeNow
OleRegGetMiscStatus

oleaut32

SysAllocStringLen
QueryPathOfRegTypeLi
SafeArrayUnaccessData

comctl32

ImageList_GetIconSize

shlwapi

PathUndecorateW
StrChrW
PathIsRootA
StrStrIA
PathIsFileSpecA
PathGetDriveNumberA
AssocQueryStringW
StrFormatByteSize64A
PathRemoveFileSpecW
wnsprintfA
PathRenameExtensionW
PathParseIconLocationW
StrDupA
SHAutoComplete

Sections

.text
Size: 14KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f329f7c0ca078872fee60837b8816046

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 14KB - Virtual size: 224KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 252KB - Virtual size: 252KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 14KB - Virtual size: 224KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 252KB - Virtual size: 252KB

.rsrc
Size: 10KB - Virtual size: 10KB