b3959c24d5414e17fd071d7ab4c285e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b3959c24d5414e17fd071d7ab4c285e1_JaffaCakes118
Size

398KB
MD5

b3959c24d5414e17fd071d7ab4c285e1
SHA1

e0a1a5f1c837e274aaa2ad50d1f6a7204e7bfa69
SHA256

3ddc255de226a10472fb30cdd46fa092baf5bdeb57e73fd417108b5cf7e41b80
SHA512

70a7ca06077f48dde20bfb6ebf9f4832363b68d9d6a9de8587861f948f2a924da5e8bdb2e522520b93c124f78dae5b0d7035d364f84724dba6178bd294aa0dd3
SSDEEP

6144:zfqKkeRBE3Yx9IfVTOOWwpLv6kBh9GtPXG0DcLwqeDGknp0ElvRM53M8HKYipj:TfBE3qKfVJDFHEPXntbDGSy+JMyd55

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3959c24d5414e17fd071d7ab4c285e1_JaffaCakes118

Files

b3959c24d5414e17fd071d7ab4c285e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a2f6fed5836ad9b2c3cf240fe93fef8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedExchange
VirtualFree
VirtualAlloc
SetFilePointer
SetEndOfFile
CreateFileMappingA
MapViewOfFile
RaiseException
DeleteFileW
CloseHandle
DeleteFileA
GetFileTime
GetFileSize
SetFileTime
UnmapViewOfFile
SetUnhandledExceptionFilter
WaitForSingleObject
GetModuleFileNameW
LoadLibraryExW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
InterlockedCompareExchange
InterlockedIncrement
GetModuleHandleW
FindResourceW
lstrlenW
GetSystemInfo
HeapDestroy
GetWindowsDirectoryA
GetVersionExW
DisableThreadLibraryCalls
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
GetLocaleInfoA
LoadLibraryA
HeapFree
HeapCreate
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetCommandLineA
InterlockedDecrement
VirtualProtect
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersionExA
VirtualQuery
ExitProcess
GetProcAddress

user32

CharNextW
DestroyWindow
GetDlgItem
SetTimer
SendMessageA
PostMessageA
GetParent
LoadStringA
GetDesktopWindow
GetWindowRect
LoadStringW
LoadBitmapA
SetFocus
ShowWindow
CreateDialogParamW

advapi32

RegOpenKeyExA
RegDeleteValueW
SetServiceStatus
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegQueryValueExA

ole32

CoRegisterClassObject
CoUninitialize
CoResumeClassObjects
CoInitializeEx
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

rpcrt4

NdrDllGetClassObject

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a2f6fed5836ad9b2c3cf240fe93fef8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 296KB - Virtual size: 585KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 296KB - Virtual size: 585KB

.rsrc
Size: 7KB - Virtual size: 6KB