a3fc90beb362dc9642215732b1a48ec0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a3fc90beb362dc9642215732b1a48ec0_JaffaCakes118
Size

142KB
MD5

a3fc90beb362dc9642215732b1a48ec0
SHA1

68140291a2672cfc4ad3b981ea61893903f3f285
SHA256

ed3a137bf56798be0e08bcbc613a8b27411cb161ab1355c53b8570ed8bcf5392
SHA512

64db54f593d3779e01163200762b5389ce4dfe129c6f63801990bcf376375cf352a91953feca48d3537c082d4dadf88ff750161382aefdca55affd2e9e3d6eaa
SSDEEP

3072:1OsRShG9fmuWpCoiSNnBhe9yTPWp/VQxOMMPLSHGz:7RShGlWpfbZsyTP7IMQ+HG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3fc90beb362dc9642215732b1a48ec0_JaffaCakes118

Files

a3fc90beb362dc9642215732b1a48ec0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37db7eea089c585b464fccb521248202

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetSystemTimeAsFileTime
lstrcatW
MulDiv
GetStringTypeW
GetCommandLineW
GetExitCodeThread
FileTimeToLocalFileTime
FindFirstFileA
HeapReAlloc
FindNextFileW
LoadResource
GetCommandLineA
IsBadReadPtr
SetThreadPriority
GetModuleHandleA
CreateFileW
ResumeThread
WaitForSingleObject
CreateProcessW
GetModuleHandleW
InterlockedExchange
WriteConsoleW
FormatMessageA
VirtualAlloc
GetConsoleMode
SetLastError
lstrcpynA
CreateEventW
FindResourceA
GetVersionExW
GetTempPathA
GetLastError
GetVersion
LCMapStringW
VirtualQuery
SetFilePointer
GetThreadLocale
TlsSetValue
OutputDebugStringA
GetWindowsDirectoryA
GetFullPathNameW
GetFileSize
GetACP
ExitProcess
GetSystemTime

user32

SetTimer
FindWindowA
DestroyMenu
EnableMenuItem
DialogBoxParamW
GetAsyncKeyState
GetFocus

msvcrt

rand
swprintf
_ftol
srand
strncpy
_stat
bsearch
wcschr
_commit
malloc
wcscspn
_wcslwr
__p__osver
__dllonexit
__p__iob
swscanf
setlocale
ceil
_c_exit
_XcptFilter
_beginthreadex
exit
_onexit
_exit
ctime
_rotr
_finite
wcsrchr
_access

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: 512B - Virtual size: 506B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 313B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 18B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37db7eea089c585b464fccb521248202

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 130KB - Virtual size: 130KB

.textbss Size: 512B - Virtual size: 506B

.bss Size: 512B - Virtual size: 122KB

.bss Size: 512B - Virtual size: 313B

.tls Size: 512B - Virtual size: 128B

DATA Size: 512B - Virtual size: 112B

.bss Size: 512B - Virtual size: 37KB

.tls Size: 512B - Virtual size: 380B

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 18B

.text
Size: 130KB - Virtual size: 130KB

.textbss
Size: 512B - Virtual size: 506B

.bss
Size: 512B - Virtual size: 122KB

.bss
Size: 512B - Virtual size: 313B

.tls
Size: 512B - Virtual size: 128B

DATA
Size: 512B - Virtual size: 112B

.bss
Size: 512B - Virtual size: 37KB

.tls
Size: 512B - Virtual size: 380B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 18B