3ff3e3caabf4e54bfd3e7416867b994c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ff3e3caabf4e54bfd3e7416867b994c_JaffaCakes118
Size

968KB
MD5

3ff3e3caabf4e54bfd3e7416867b994c
SHA1

d14e7a303bf921929e8e2d356531af6c6563c858
SHA256

fc18aa477a2dfea5a03879f1cd2cca06a90be209f6d2007e3341ee933bf48a45
SHA512

be3d1352392206cf1d6334ba5cdf762d2555d3fd048b07a80254930fbf07ee9cd6a27227da229a6278512ac7ce3fbd3d569332f6dbc8e13f381c0fd330e18092
SSDEEP

12288:Ps8LhfPQ7eWBzf921/GkJe88+8JPU3X506uopPGRhK4zPwIILs3N+LYO3L5CS1Me:5BPQ/zfyGGl8J5To7Iws3EUKL51YKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff3e3caabf4e54bfd3e7416867b994c_JaffaCakes118

Files

3ff3e3caabf4e54bfd3e7416867b994c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b34abcec0fdabbb8e6657fc46b670d23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageGetDigestStream
ImageRvaToVa
ImageNtHeader
ImageDirectoryEntryToData

kernel32

GetFileAttributesW
IsDebuggerPresent
InterlockedIncrement
lstrlenA
CopyFileA
UpdateResourceW
RaiseException
OutputDebugStringA
GetModuleHandleW
GetOEMCP
GlobalFree
GetVersion
GetFullPathNameW
GetFullPathNameA
EndUpdateResourceW
FindClose
GetLocaleInfoA
GetFileAttributesA
CopyFileW
LoadLibraryExW
InterlockedCompareExchange
DebugBreak
BeginUpdateResourceW
GetSystemDirectoryA
lstrcpyA
FreeLibrary
SetFilePointer
RemoveDirectoryW
FindNextFileW
CloseHandle
InterlockedDecrement
GetACP
WideCharToMultiByte
GlobalAlloc
GetFileInformationByHandle
LocalFree
RemoveDirectoryA
ExitProcess
GetVersionExW
FreeResource
lstrcmpiA
lstrlenW
GetEnvironmentVariableA
ReadFile
LoadLibraryExA
InterlockedExchange
GetThreadLocale

user32

CharNextW
CharNextA
wsprintfW

shell32

CommandLineToArgvW

ole32

CoCreateInstance
CLSIDFromString
CoUninitialize
StringFromCLSID
CoTaskMemFree
StringFromIID
CoInitialize

msvcrt

_c_exit
realloc
iswspace
fputs
_iob
__wgetmainargs
strchr
__p__fmode
qsort
_wcslwr
__CxxFrameHandler
_XcptFilter
memset
_itow
??1type_info@@UAE@XZ
_CxxThrowException
_onexit
_except_handler3
??2@YAPAXI@Z
__winitenv
__setusermatherr
wcslen
_vsnprintf
__p__commode
strncmp
_purecall
_adjust_fdiv
_vsnwprintf
_exit
__set_app_type
_initterm
wcsrchr
exit
atoi
vwprintf
_wcsnicmp
wcsstr
_itoa
_snwprintf
_controlfp
__dllonexit
?terminate@@YAXXZ
free
??3@YAXPAX@Z
_cexit
_wcsicmp
_snprintf

msvfw32

ICGetInfo
ICRemove

Sections

.text
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b34abcec0fdabbb8e6657fc46b670d23

Headers

File Characteristics

Imports

imagehlp

kernel32

user32

shell32

ole32

msvcrt

msvfw32

Sections

.text Size: 705KB - Virtual size: 705KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 251KB - Virtual size: 250KB

.rsrc Size: 7KB - Virtual size: 3.2MB

.text
Size: 705KB - Virtual size: 705KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 251KB - Virtual size: 250KB

.rsrc
Size: 7KB - Virtual size: 3.2MB