3fddd9c8077bf12d6023c1295a4bc0c8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3fddd9c8077bf12d6023c1295a4bc0c8_JaffaCakes118
Size

480KB
MD5

3fddd9c8077bf12d6023c1295a4bc0c8
SHA1

7d9c7483017df062366b0a4fad2affa361d6fed9
SHA256

ec6bc1f82f02b9dc34a20f7b503ecf303876dca9e2bc3b05775997be496761fa
SHA512

9d0859d906bc0097ec0060ebe1610ac35d5ed93221b57c5e3aaac3e3878d945af84280bf4ae44e5d35e5a2036125fe9d36d51b5b3acb44c1d0b9dd8153adc057
SSDEEP

12288:H8gPf5NyTs7fOhq8PB/ynHXuFI/JJcpeXAiUvBa1:HWofOxP5QH1JyWAfvk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fddd9c8077bf12d6023c1295a4bc0c8_JaffaCakes118

Files

3fddd9c8077bf12d6023c1295a4bc0c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78011a839b4d33dbdd3f26b9ce246379

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlFillMemory
SetFilePointer
TlsFree
GetACP
GetTickCount
GetSystemInfo
HeapAlloc
InitializeCriticalSection
GetModuleHandleA
IsValidCodePage
RtlUnwind
IsValidLocale
HeapDestroy
LCMapStringW
VirtualProtect
FlushFileBuffers
LCMapStringA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCurrentProcessId
VirtualFree
OpenMutexA
HeapSize
IsBadWritePtr
GetLocaleInfoW
TlsAlloc
WritePrivateProfileStringW
WideCharToMultiByte
DeleteCriticalSection
InterlockedExchange
CompareStringA
GetTimeFormatA
GetModuleFileNameA
GetDateFormatA
GetEnvironmentStrings
ExitProcess
GetOEMCP
FreeEnvironmentStringsW
GetLastError
QueryPerformanceCounter
CompareStringW
TlsGetValue
GetCurrentProcess
FreeEnvironmentStringsA
GetStringTypeA
SetStdHandle
HeapFree
HeapReAlloc
GetStringTypeW
LoadLibraryA
LeaveCriticalSection
GetStartupInfoA
HeapCreate
TerminateProcess
TlsSetValue
VirtualQuery
SetEnvironmentVariableA
SetHandleCount
MultiByteToWideChar
CreateMutexA
GetCPInfo
GetCommandLineA
GetFileType
UnhandledExceptionFilter
GetUserDefaultLCID
GetProcAddress
GetLocaleInfoA
GetEnvironmentStringsW
EnumSystemLocalesA
GetCurrentThreadId
VirtualAlloc
EnterCriticalSection
GetVersionExA
WriteFile
SetLastError
GetStdHandle
GetCurrentThread
ReadFile
CloseHandle

advapi32

RegDeleteKeyW
LookupAccountSidW
LookupPrivilegeNameW
RegConnectRegistryW
CryptDestroyHash
RegDeleteValueA
ReportEventW
RegReplaceKeyA

comdlg32

GetSaveFileNameA
LoadAlterBitmap
PrintDlgW
PageSetupDlgA

wininet

FtpGetFileSize
HttpOpenRequestW
InternetSetOptionExW
InternetLockRequestFile

user32

LoadCursorW
EnumPropsExA
GetWindowLongW
SetParent
GetScrollBarInfo
SetWindowTextA
ClipCursor
RegisterClassA
EnumDesktopsA
IsCharLowerW
AttachThreadInput
IsMenu
EnumPropsW
DdeCmpStringHandles
GetInputState
GetMessageW
GetMessageExtraInfo
RegisterClassExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78011a839b4d33dbdd3f26b9ce246379

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

wininet

user32

comctl32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 8KB - Virtual size: 38KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 8KB - Virtual size: 38KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 3KB - Virtual size: 2KB