3fb6cf2db785cca3f47e1f6d25391c4c_JaffaCakes118

General

Target

3fb6cf2db785cca3f47e1f6d25391c4c_JaffaCakes118
Size

113KB
MD5

3fb6cf2db785cca3f47e1f6d25391c4c
SHA1

11de22d8b34e8ebb6d7b5f8fef5a88df336605bc
SHA256

47354de83dbe96e05de622f1e6a765fb7e3c160a845dd73d63629fdbde85f5f1
SHA512

a56c8fa28563c5cbff6cb1eb4c410d77140310bdb899bad907e5181f8dd6fdb434b9103573189c7f52b04ede7758162307b636f83c9d6c5f0c24c97c1c134a96
SSDEEP

3072:rZZftl69hPMpNDQuzi1VyoxEhAq2qa7sUpQe8cON32YG:rZZftl69MziwEqbmKcON32b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb6cf2db785cca3f47e1f6d25391c4c_JaffaCakes118

Files

3fb6cf2db785cca3f47e1f6d25391c4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3895086d920bbbfac67be991ef7411fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
CreateProcessA
LoadResource
GetTickCount
DeleteFileA
GetCurrentThread
GetCurrentThreadId
GetCommandLineA
SetUnhandledExceptionFilter
lstrlenA
FreeLibrary
Sleep
GetSystemDirectoryA
lstrcatA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
CreateFileA
ReadFile
CloseHandle
ExitProcess
HeapFree
GetTempPathA
LoadLibraryA
GetLastError
GetProcessHeap
HeapAlloc
GetModuleHandleA
GetProcAddress
OutputDebugStringA
WritePrivateProfileStringA

user32

GetMessageA
PostThreadMessageA
wsprintfA
GetInputState

advapi32

InitializeAcl
CloseServiceHandle
StartServiceA
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
EqualSid
GetAce
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
OpenSCManagerA
RegDeleteValueA
RegDeleteKeyA
OpenServiceA

shlwapi

PathFileExistsA

msvcrt

strstr
_strcmpi
??1type_info@@UAE@XZ
_CxxThrowException
__CxxFrameHandler
_access
strchr
sprintf
fwrite
_except_handler3
realloc
malloc
fclose
fopen
??3@YAXPAX@Z
??2@YAPAXI@Z

netapi32

NetUserGetLocalGroups
NetApiBufferFree

ws2_32

inet_addr

iphlpapi

GetInterfaceInfo
AddIPAddress

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3895086d920bbbfac67be991ef7411fa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

netapi32

ws2_32

iphlpapi

Sections

.text Size: 18KB - Virtual size: 18KB

.rsrc Size: 94KB - Virtual size: 93KB

.text
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 94KB - Virtual size: 93KB