4c3cabb428dd3d040cb962d0e3edf03f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c3cabb428dd3d040cb962d0e3edf03f_JaffaCakes118
Size

517KB
MD5

4c3cabb428dd3d040cb962d0e3edf03f
SHA1

fe1c0807261785740dcd8f4303f3a0dfb3ffa6d0
SHA256

c8c3bc0e6edfe0e9a712c69011b1272c2f64d3fc59eab2331ca9bb95339ebbf2
SHA512

8eb8f2d79b336fa15cf90f686b8465a760ad4169309489da41348cc93502601c1bfe17c6a502be53e3a0a244fc4a8fa8f513edc2ba956e18f4780b6739a604c3
SSDEEP

12288:4MMTA/+44+HcydhdxJgJuj3SvZ3B5c7HxpqRVNK1ALYw:4MMTAW44+HcydRJbCx3B50pqDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c3cabb428dd3d040cb962d0e3edf03f_JaffaCakes118

Files

4c3cabb428dd3d040cb962d0e3edf03f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9c3c38ed334cf0b988df2704fb3d39b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\zste\ewihehqw\eeb\jeht\xvvowgmaeo\myjccnfsac.pdb

Imports

comctl32

InitCommonControlsEx

kernel32

GetSystemTime
HeapCreate
VirtualFree
GetStringTypeA
EnterCriticalSection
ConvertDefaultLocale
CreateFileA
GetLastError
GetLocaleInfoW
UnhandledExceptionFilter
DeleteCriticalSection
GetOEMCP
RtlUnwind
GetCurrentProcess
GetVolumeInformationA
CreateWaitableTimerA
InterlockedDecrement
ExitProcess
GetExitCodeProcess
SetUnhandledExceptionFilter
GetStartupInfoA
WideCharToMultiByte
TerminateProcess
TlsAlloc
GetEnvironmentStringsW
HeapReAlloc
FreeEnvironmentStringsW
GetCompressedFileSizeA
LeaveCriticalSection
GlobalReAlloc
FlushFileBuffers
HeapAlloc
GetDateFormatA
InterlockedExchange
SetHandleCount
GetModuleFileNameA
GetStringTypeW
GetSystemTimeAsFileTime
CloseHandle
WritePrivateProfileStringW
GetTimeFormatA
GetTickCount
InterlockedIncrement
HeapFree
OpenMutexA
IsDebuggerPresent
TlsFree
GetModuleHandleA
GetConsoleCP
GetProcAddress
LoadLibraryA
CreateMutexA
FindFirstFileW
ReadFile
GetTimeZoneInformation
SetFilePointer
GetCurrentThread
GetFileType
SetThreadPriority
CompareStringW
SetConsoleCtrlHandler
HeapDestroy
GetCommandLineA
GetConsoleOutputCP
SetComputerNameW
WriteConsoleW
LoadModule
FreeLibrary
TlsSetValue
GetCurrentThreadId
WriteFile
VirtualAlloc
IsValidCodePage
GetStdHandle
SetEnvironmentVariableA
Sleep
CompareStringA
TlsGetValue
MultiByteToWideChar
LCMapStringW
IsValidLocale
WriteConsoleA
InitializeCriticalSectionAndSpinCount
SetLastError
ReadConsoleA
GetACP
GetUserDefaultLCID
FreeEnvironmentStringsA
IsBadReadPtr
QueryPerformanceCounter
LCMapStringA
GetModuleHandleW
GetLocaleInfoA
VirtualQuery
GetEnvironmentStrings
GetCPInfo
GetConsoleMode
GetCurrentProcessId
HeapSize
SetStdHandle
EnumSystemLocalesA

user32

IsDialogMessageA
RegisterClassExA
RegisterClassA
CloseWindowStation
GetTabbedTextExtentW

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9c3c38ed334cf0b988df2704fb3d39b

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 366KB - Virtual size: 365KB

.rdata Size: 31KB - Virtual size: 53KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 366KB - Virtual size: 365KB

.rdata
Size: 31KB - Virtual size: 53KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 13KB - Virtual size: 12KB