3eb769def44a671a1959a5b994bdbd7d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3eb769def44a671a1959a5b994bdbd7d_JaffaCakes118
Size

356KB
MD5

3eb769def44a671a1959a5b994bdbd7d
SHA1

2fb66fd536eca4489cf0246e66713d0f9aa0932c
SHA256

4a3e822d822d74d6b316dcc927a1324d3fb2b33041a5a3110714b1fe583d01a3
SHA512

aa41801859c972432551910816d909bba9706ae8a3a38094466c029b00c6bcab135f85a002650e5a5d82b8814980dd922f206a02bb20a523fab26e95479325e4
SSDEEP

6144:IdgEjRhw8M8UuZXMoqa75/zwFLQJsSg1qGBCaWgbB+/FeFHUuATus:IdgElhwzuRwa75/an1pCaWYB+de

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eb769def44a671a1959a5b994bdbd7d_JaffaCakes118

Files

3eb769def44a671a1959a5b994bdbd7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f98e1c9915ef8856082171b9fadd96e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DrawStatusText
InitCommonControlsEx
ImageList_Draw
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetFilter
DrawStatusTextA
CreateStatusWindowA
ImageList_AddIcon
CreateStatusWindow
ImageList_GetBkColor
ImageList_DragMove

advapi32

RegConnectRegistryW
RegLoadKeyW
CryptVerifySignatureA
CryptContextAddRef
RegSetValueExW
RegCloseKey
CryptCreateHash
RegLoadKeyA
RegCreateKeyExW
LookupPrivilegeValueA
RegQueryMultipleValuesA
LookupSecurityDescriptorPartsA
CryptGetUserKey
InitiateSystemShutdownW
CryptHashSessionKey
CryptSetProvParam
CryptEnumProviderTypesA
RevertToSelf
RegDeleteValueW
DuplicateTokenEx
CryptVerifySignatureW
RegOpenKeyA

kernel32

LeaveCriticalSection
HeapAlloc
CloseHandle
LocalFree
GetLocaleInfoA
OpenMutexA
CreateMutexA
IsBadWritePtr
GetVersionExA
GetEnvironmentStringsW
HeapDestroy
GetStdHandle
SetHandleCount
ExitProcess
TlsGetValue
GlobalUnfix
VirtualFree
SetStdHandle
HeapFree
HeapReAlloc
GetCurrentProcess
GetModuleFileNameW
InitializeCriticalSection
LCMapStringA
GetUserDefaultLCID
GetCommandLineA
WriteFile
UnhandledExceptionFilter
GetStartupInfoA
CompareStringA
GetStringTypeA
HeapCreate
GetLastError
EnumSystemLocalesA
GetTimeZoneInformation
EnterCriticalSection
GetFileType
TlsSetValue
FreeEnvironmentStringsW
GetLocaleInfoW
GetCPInfo
GetCurrentThread
IsValidLocale
GetTickCount
GetTimeFormatA
SetCriticalSectionSpinCount
GetProcAddress
GetACP
GetPrivateProfileIntA
GetModuleHandleA
HeapSize
RtlUnwind
VirtualAlloc
DeleteCriticalSection
GetCurrentProcessId
QueryPerformanceCounter
SetConsoleMode
LCMapStringW
InterlockedExchange
ReadConsoleOutputA
WideCharToMultiByte
GetEnvironmentStrings
SetFilePointer
GetStartupInfoW
MultiByteToWideChar
GetOEMCP
ReadFile
GetCurrentThreadId
GetDriveTypeA
LoadLibraryA
VirtualQuery
SetLastError
GetSystemInfo
TerminateProcess
SetEnvironmentVariableA
GetDateFormatA
GetStringTypeW
CreateProcessW
CompareStringW
IsValidCodePage
GetFileTime
VirtualUnlock
FlushFileBuffers
GetCommandLineW
VirtualProtect
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
WriteProfileSectionA
GetModuleFileNameA
TlsFree
TlsAlloc

user32

ShowWindow
CreateWindowExW
RegisterClassExA
MessageBoxW
CharUpperA
RegisterClassA

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f98e1c9915ef8856082171b9fadd96e2

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

user32

Sections

.text Size: 215KB - Virtual size: 214KB

.rdata Size: 37KB - Virtual size: 67KB

.data Size: 92KB - Virtual size: 91KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 215KB - Virtual size: 214KB

.rdata
Size: 37KB - Virtual size: 67KB

.data
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 11KB - Virtual size: 10KB