3ff306ba47eb8b7362873b1bdc101e33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ff306ba47eb8b7362873b1bdc101e33_JaffaCakes118
Size

732KB
MD5

3ff306ba47eb8b7362873b1bdc101e33
SHA1

4ae0d793499e72fa9e6e849944e917e9c439a120
SHA256

2c61d838bee9c09427a55f10677da6abe4a49a600da74fdaed2c6b3325f05513
SHA512

59b4c635bceacb4ce821d72c6ba0ba4c3be17d137013a3d1c0ce334326e1945336ff2ff70868a57fab13173851f615aff064f7fd5d2439c317bf72636fa6cc5a
SSDEEP

12288:2bLK6lFtRrqZt8S/pa6DVwfoE//krCrUNuMQcpWzqdu0dojCJkIILGKlQSNVxRJT:2LStX/pFDOf1/krjpWOejCJk3LGKiSNX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff306ba47eb8b7362873b1bdc101e33_JaffaCakes118

Files

3ff306ba47eb8b7362873b1bdc101e33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93d982cc5fee3ee6c786aec518b5ad26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\a

Imports

advapi32

RegRestoreKeyA

user32

RegisterClassA
ActivateKeyboardLayout
RegisterClassExA
GetDesktopWindow
ChangeMenuA
GetPriorityClipboardFormat
GetProcessWindowStation
LoadImageA
GetClassLongW
EnumDesktopWindows
GetSubMenu
AppendMenuA
IsCharAlphaW
DispatchMessageW
ChangeDisplaySettingsExW
DestroyCaret
GetGuiResources
SetClassLongW
CheckDlgButton
PeekMessageW
VkKeyScanW
GetTabbedTextExtentW
GetMenuState
OpenDesktopW
UnregisterDeviceNotification
LoadAcceleratorsA

kernel32

GetStartupInfoA
CreateProcessA
ReadFileEx
GetCommandLineW
GetSystemTimeAsFileTime
InitializeCriticalSection
ReadConsoleA
TlsFree
OpenMutexA
OpenFileMappingA
SetEnvironmentVariableA
GetTempFileNameA
IsBadWritePtr
GetStringTypeW
CopyFileExA
GetCurrentProcess
TlsAlloc
GetTickCount
FileTimeToDosDateTime
SetEndOfFile
GetStringTypeA
CompareStringW
LeaveCriticalSection
WideCharToMultiByte
GetStdHandle
FindFirstFileA
lstrcmpi
GetCurrentThread
TerminateProcess
GetCurrentThreadId
RtlUnwind
InterlockedExchange
WriteConsoleOutputCharacterA
GetUserDefaultLangID
EnumTimeFormatsW
GetCurrentProcessId
ReadFile
UnhandledExceptionFilter
FindResourceExA
LCMapStringW
VirtualFree
GetSystemTime
WriteFile
GetEnvironmentStrings
HeapAlloc
FreeEnvironmentStringsA
GetTimeZoneInformation
ExitProcess
HeapReAlloc
VirtualQuery
GetModuleFileNameW
LoadLibraryA
GetModuleHandleA
QueryPerformanceCounter
GetProcessAffinityMask
SetLastError
TlsGetValue
SetStdHandle
WaitForSingleObjectEx
EnumResourceNamesA
CreateMailslotA
CreateDirectoryA
GetModuleFileNameA
SetHandleCount
CreateMutexA
CloseHandle
GetFileType
HeapDestroy
FreeEnvironmentStringsW
TlsSetValue
GetCPInfo
CompareStringA
GetStartupInfoW
TryEnterCriticalSection
LCMapStringA
HeapFree
GetLastError
MoveFileW
GetLocalTime
FlushFileBuffers
OutputDebugStringA
VirtualAlloc
GetVersion
GetTempPathW
InterlockedIncrement
SetConsoleMode
EnumCalendarInfoExW
DeleteCriticalSection
InterlockedDecrement
GetEnvironmentStringsW
EnumResourceLanguagesA
SetFilePointer
GetStringTypeExA
EnterCriticalSection
MultiByteToWideChar
GetProcAddress
GetCommandLineA
LocalLock
HeapCreate

gdi32

RoundRect
SetDeviceGammaRamp
GetPixel
PatBlt
OffsetClipRgn
PolyBezier
GetRasterizerCaps
GetGraphicsMode
GetEnhMetaFileBits
CreatePatternBrush
RemoveFontResourceA
gdiPlaySpoolStream
DescribePixelFormat
GetTextMetricsW
CreateICW
GetClipBox
SelectPalette
GetStretchBltMode
DeleteEnhMetaFile
PlgBlt
SetSystemPaletteUse
GetEnhMetaFileDescriptionA
DrawEscape
AddFontResourceW

comdlg32

GetOpenFileNameA
ReplaceTextW
GetSaveFileNameW

shell32

SheSetCurDrive
SHGetFileInfoW
ExtractIconExW

comctl32

InitCommonControlsEx
ImageList_Remove
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_DragMove
DrawStatusTextA
ImageList_Add
ImageList_SetDragCursorImage
ImageList_Copy
ImageList_EndDrag
CreateToolbarEx
CreatePropertySheetPageA
ImageList_Destroy
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_LoadImageA
CreateStatusWindow
ImageList_DrawEx
ImageList_AddIcon

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93d982cc5fee3ee6c786aec518b5ad26

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

kernel32

gdi32

comdlg32

shell32

comctl32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 448KB - Virtual size: 446KB

.data Size: 140KB - Virtual size: 158KB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 448KB - Virtual size: 446KB

.data
Size: 140KB - Virtual size: 158KB

.rsrc
Size: 68KB - Virtual size: 67KB