3fa5ec3cc985e94518937cc62144a3c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fa5ec3cc985e94518937cc62144a3c4_JaffaCakes118
Size

348KB
MD5

3fa5ec3cc985e94518937cc62144a3c4
SHA1

7e10ef59878c7d1fd8de633a6b45a93b96001fba
SHA256

1cbbe4b5715a4f05b621ca1a15f20999bcfe0f6aead5fa3d38a5ebf872ac8c19
SHA512

f9e824776e9cca083c8b5f498e132d9d4ef91003f403a47722864d6492ac3b7223e463e38d9463236627298d6a8328258610b260a23703bed53441a5dfedea48
SSDEEP

3072:cQZCQRtFiuHWX51tHI5jc/ZXKZAczXBpomBsbUX+fEv5IDTf2PQ9JWvEKHLzonHd:c58p41tHI5UKaczXBpomCf/zR/qK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fa5ec3cc985e94518937cc62144a3c4_JaffaCakes118

Files

3fa5ec3cc985e94518937cc62144a3c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

575d675bffb6a8bf4a883de530d79a87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
GetComputerNameA
FindFirstFileA
GetDriveTypeA
FindNextFileA
FindClose
GetACP
GetVersionExA
GetTickCount
RemoveDirectoryA
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentProcess
GetComputerNameW
GetProcessHeap
GetLocaleInfoA
SetFileAttributesA
GetCurrentProcessId
FlushFileBuffers
InitializeCriticalSection
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
HeapReAlloc
VirtualAlloc
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
VirtualFree
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RaiseException
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetEndOfFile
CreateFileA
Sleep
TerminateProcess
GetVersion
DeleteFileA
SetFileTime
GetFileTime
GetSystemDirectoryA
ReadFile
GetFileSize
GetLastError
WriteFile
SetFilePointer
CloseHandle
WaitForSingleObject
CreateSemaphoreA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
GetSystemTimeAsFileTime
HeapCreate
HeapFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
OutputDebugStringA
GetFileType

user32

LoadStringA
GetMessageA
TranslateMessage
wsprintfA
DispatchMessageA
GetForegroundWindow
GetKeyboardLayout
MapVirtualKeyExA
MapVirtualKeyA
EnumDisplaySettingsA
wsprintfW
GetKeyNameTextA

advapi32

GetUserNameA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

575d675bffb6a8bf4a883de530d79a87

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 124KB - Virtual size: 121KB

.data Size: 16KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 316B

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 124KB - Virtual size: 121KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 316B