3f8030e92b71acd842382ff673edaf5d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3f8030e92b71acd842382ff673edaf5d_JaffaCakes118
Size

504KB
MD5

3f8030e92b71acd842382ff673edaf5d
SHA1

9703188ced36a220d85f10f36c7e2bc1e6e60d32
SHA256

54dc380ee7460254a6c3c2b4adb25c7eec1527aac8e37d57c2575d7a9d45d673
SHA512

4f3503806d3028640d46158ab58b3cac0cacde7cbce4924e27dbd8467ccd8439d151c783265f5700c6088a1cf079e1cc52708e121189ffb77336db5b8ffb37f3
SSDEEP

6144:MQr1OdIP2x2bHw84Vnxudryjiv5qjGdoNCI+z350B/PreCk1tEYMX0jIsUFldwdQ:MmOdIsGHA2dONCRz35IPX3sUFldwtk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f8030e92b71acd842382ff673edaf5d_JaffaCakes118

Files

3f8030e92b71acd842382ff673edaf5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

259c6b996750c6b556ca83b0e048ebb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadImageW
RegisterClassA
WindowFromPoint
IsCharUpperA
DdeImpersonateClient
LoadKeyboardLayoutA
MapWindowPoints
VkKeyScanExW
GetWindowTextLengthW
PostQuitMessage
DestroyWindow
GetWindowTextW
ShowWindow
CreateDesktopW
RegisterClassExW
RegisterClassExA
ShowOwnedPopups
DdeConnectList
DdeGetData
DdeAbandonTransaction
ReleaseDC
FindWindowExW
SetFocus
TranslateMessage
GetMenuStringA
SetPropA
GetUpdateRect
SetLastErrorEx
LoadCursorA
GetCursorPos
DefWindowProcW
CreateWindowExA
GetDlgItemInt
MessageBoxA

advapi32

RegQueryMultipleValuesW
GetUserNameA
RegCreateKeyExW
RegSetValueW
RegOpenKeyA
CryptReleaseContext
CryptDecrypt
CryptEnumProvidersA
CryptSetHashParam
CryptSetProviderA
RegSaveKeyA
CryptAcquireContextA
RegEnumKeyW
ReportEventW
RegLoadKeyW

kernel32

SetLastError
FillConsoleOutputAttribute
GetStringTypeA
WaitCommEvent
TlsFree
VirtualFree
EnumCalendarInfoExW
LockResource
HeapFree
GetStringTypeW
GetNamedPipeInfo
WaitNamedPipeA
GetCommandLineA
IsValidCodePage
UnmapViewOfFile
GetOEMCP
LoadLibraryA
GetCurrentDirectoryA
GetFileType
CommConfigDialogW
EnterCriticalSection
FreeEnvironmentStringsW
HeapSize
CompareStringW
WideCharToMultiByte
SetConsoleCursorPosition
GetVersionExA
MultiByteToWideChar
WriteFile
UnhandledExceptionFilter
SetEnvironmentVariableA
HeapCreate
InterlockedExchange
GetEnvironmentStringsW
LCMapStringW
GetSystemInfo
RtlUnwind
VirtualQuery
GetModuleHandleA
GetACP
WriteConsoleOutputCharacterA
GlobalGetAtomNameA
GetCurrentThread
GetDateFormatA
GetComputerNameW
SetStdHandle
GetCurrentThreadId
OpenMutexA
FlushFileBuffers
GetLocaleInfoA
IsBadWritePtr
WritePrivateProfileStringW
SetUnhandledExceptionFilter
LCMapStringA
GetPrivateProfileSectionNamesW
SetEndOfFile
GetTickCount
GetThreadTimes
WriteFileEx
GetEnvironmentStrings
TlsAlloc
CreateMutexW
VirtualAlloc
VirtualProtect
SetHandleCount
GetStdHandle
InitializeCriticalSection
TerminateProcess
ExitProcess
CompareStringA
GlobalHandle
GetTimeZoneInformation
GetCPInfo
CreateFileMappingA
GetUserDefaultLCID
GlobalFix
HeapReAlloc
GetSystemTimeAsFileTime
CloseHandle
GetLocaleInfoW
GetTimeFormatW
FreeLibraryAndExitThread
SetFilePointer
IsValidLocale
TlsSetValue
TlsGetValue
OpenEventW
LeaveCriticalSection
GetTimeFormatA
HeapAlloc
DeleteCriticalSection
GetUserDefaultLangID
CreateMutexA
QueryPerformanceCounter
ReadFile
EnumSystemLocalesA
GetCurrentProcess
GetLastError
HeapDestroy
SetEnvironmentVariableW
lstrcpyn
GetCurrentProcessId
FreeEnvironmentStringsA
GetProcAddress
GetStartupInfoA
lstrlenA
GetVolumeInformationW
GetModuleFileNameA

shell32

SHChangeNotify
DragAcceptFiles
SHInvokePrinterCommandW
SheChangeDirExW
SHGetDesktopFolder

comctl32

ImageList_Read
ImageList_LoadImageW
GetEffectiveClientRect
InitMUILanguage
ImageList_LoadImageA
CreatePropertySheetPage
ImageList_Create
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_Destroy
ImageList_Add
MakeDragList
CreateStatusWindow
DrawStatusTextA
ImageList_DrawEx
ImageList_Draw
ImageList_SetBkColor
InitCommonControlsEx
ImageList_EndDrag
ImageList_DragMove
ImageList_Copy
ImageList_DragEnter
CreatePropertySheetPageW
ImageList_GetImageInfo
CreateStatusWindowA
ImageList_SetOverlayImage

comdlg32

GetSaveFileNameA

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

259c6b996750c6b556ca83b0e048ebb8

Headers

File Characteristics

Imports

user32

advapi32

kernel32

shell32

comctl32

comdlg32

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 104KB - Virtual size: 129KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 104KB - Virtual size: 129KB

.rsrc
Size: 44KB - Virtual size: 40KB