Static task: static1
Behavioral task: behavioral1
Sample: 3f880cb44b6622d43894022a5a0a86ad_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 3f880cb44b6622d43894022a5a0a86ad_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3f880cb44b6622d43894022a5a0a86ad_JaffaCakes118
Size: 364KB
MD5: 3f880cb44b6622d43894022a5a0a86ad
SHA1: 9f7ddad7f64710c858ed2567fe08fb37223fe33f
SHA256: 3e95e1e387b9f23877232487d972498b6db3ba25c992f3c29148072423d84592
SHA512: 08d2e1f4e7d93581f0edd44f64702cd0d1989e819ad1825e56c6a6d4c274927d0329db4c2e15d9df76e10a0ecda14db9677c67bf513945b88cd516edc0b1de9a
SSDEEP: 6144:GyBtbOUqKugwtRmPKIkszf243WffIwv5nERyKW0JMnonHjLdb/vvV44w7j6sVLyx:ZbigEAJk4+acfBnAW7gDLdbU7Wss
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3f880cb44b6622d43894022a5a0a86ad_JaffaCakes118
Files
3f880cb44b6622d43894022a5a0a86ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
29c264844ad4461fc8f42c6b2efdc91e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
RemoveDirectoryW
QueryDosDeviceW
GlobalReAlloc
EnumDateFormatsW
CreateMutexW
SetThreadPriorityBoost
VirtualProtect
ReadDirectoryChangesW
TryEnterCriticalSection
IsValidLocale
FileTimeToLocalFileTime
SetTimeZoneInformation
CopyFileExW
GetFileAttributesA
GetLargestConsoleWindowSize
LCMapStringA
SetFileAttributesA
ReleaseMutex
ExitProcess
GetFileType
FindNextChangeNotification
AllocConsole
SetCurrentDirectoryA
GetSystemDefaultLangID
SetConsoleCursorPosition
SetSystemTime
ExitThread
GetThreadPriority
CreateDirectoryW
CancelIo
GetDiskFreeSpaceW
EnumCalendarInfoW
VirtualUnlock
CreatePipe
GetModuleFileNameW
CreateEventA
ReleaseSemaphore
GetPrivateProfileStringW
GetPrivateProfileStringA
FreeResource
SetEnvironmentVariableW
WritePrivateProfileStringW
lstrcmpiW
GetCommModemStatus
GetConsoleCursorInfo
GetCommState
UnhandledExceptionFilter
GetCommandLineA
GetVersionExA
lstrlenA
IsBadWritePtr
gdi32
GetViewportOrgEx
PlayEnhMetaFileRecord
CreateFontA
SelectObject
GetObjectW
OffsetRgn
PolyBezier
GetDeviceCaps
SetEnhMetaFileBits
GetSystemPaletteUse
GetTextExtentExPointW
SetRectRgn
GetEnhMetaFileBits
comdlg32
GetOpenFileNameW
PageSetupDlgW
advapi32
GetAce
CryptSignHashW
LookupAccountSidA
LogonUserW
CryptVerifySignatureW
InitiateSystemShutdownW
AccessCheckAndAuditAlarmA
ChangeServiceConfigA
RegEnumKeyA
QueryServiceStatus
RegOpenKeyW
RegQueryValueA
RegConnectRegistryA
EnumServicesStatusW
ControlService
RegSaveKeyW
BuildSecurityDescriptorW
CloseEventLog
GetFileSecurityW
PrivilegeCheck
EnumDependentServicesW
GetServiceDisplayNameW
GetUserNameW
CryptSetHashParam
DeregisterEventSource
GetNamedSecurityInfoA
LookupPrivilegeDisplayNameA
CreateProcessAsUserA
SetServiceObjectSecurity
shell32
ShellExecuteA
SHGetDesktopFolder
SHGetSettings
SHFileOperationW
DragQueryPoint
Shell_NotifyIconA
ole32
OleCreateFromData
oleaut32
VariantChangeType
SysAllocStringLen
SysFreeString
QueryPathOfRegTypeLi
SafeArrayUnaccessData
SafeArrayPutElement
SetErrorInfo
shlwapi
SHGetValueW
SHRegOpenUSKeyW
StrCpyNW
PathStripPathA
PathParseIconLocationW
PathUndecorateW
SHCreateStreamOnFileW
PathIsRelativeW
PathIsPrefixW
SHDeleteValueW
PathRemoveBackslashA
Sections
.text Size: 332KB - Virtual size: 329KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE