b3a1a3ac31a4ba2a5385e3d87dbd5fa5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b3a1a3ac31a4ba2a5385e3d87dbd5fa5_JaffaCakes118
Size

2.1MB
MD5

b3a1a3ac31a4ba2a5385e3d87dbd5fa5
SHA1

0b98dca26bc49a5574efea85b1c2528dc3c2a1f3
SHA256

a0707dc5566e1720b80235eec3792b0757edf58aacafe87bc4ba1cea7d5cae74
SHA512

ad4177b055c44945a9f36f3215bd96bf861d80b7726302ac0ee870b36fe97f5bfd54013f760430a4f8d9e374c93bb9256244e8f6cb83831a6798ca8187ac9bd7
SSDEEP

49152:/A92C5H6RFozEqoItn0w6VW8F0t2Y4XVnounOlYK:/A9oRFzWtwfKCXWun6YK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3a1a3ac31a4ba2a5385e3d87dbd5fa5_JaffaCakes118

Files

b3a1a3ac31a4ba2a5385e3d87dbd5fa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f3c834589b463d94e4387ba4e8dace6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitializeSecurityDescriptor
CryptGenRandom
CryptDeriveKey
CopySid
CryptAcquireContextA
ClearEventLogW
GetLengthSid
OpenThreadToken
RegEnumValueA
BuildTrusteeWithNameW
EnumServicesStatusW
RegOpenKeyExW
AdjustTokenPrivileges
RegOpenKeyA
MakeSelfRelativeSD
GetPrivateObjectSecurity
StartServiceCtrlDispatcherA

version

GetFileVersionInfoA

kernel32

ScrollConsoleScreenBufferA
GetAtomNameA
GetSystemTimeAsFileTime
IsBadWritePtr
IsBadReadPtr
VirtualQuery
UnhandledExceptionFilter
GetTapeParameters
GetCompressedFileSizeW
GetTempPathW
GetTempFileNameA
SetConsoleTitleA
CreateWaitableTimerA
SetThreadLocale
GetCommConfig
SetCommMask
LoadLibraryExA
ExitProcess
SetEvent
FatalAppExitA
SetConsoleCursorPosition
GlobalFindAtomA
SetProcessWorkingSetSize
WriteFile
CreateNamedPipeW
GetBinaryTypeA
GetPrivateProfileStringA
SetEndOfFile
CreateDirectoryW
CompareStringA
FindFirstFileExW
GetEnvironmentVariableW
GetFileInformationByHandle
SetProcessShutdownParameters
CloseHandle
EraseTape
_hread
WritePrivateProfileStringW
GlobalAddAtomA
QueryDosDeviceW
GlobalReAlloc
RaiseException
_lclose
OpenMutexA
LocalSize
EnumResourceNamesW
GetDriveTypeA
WaitNamedPipeA
EnumSystemCodePagesW
LocalFileTimeToFileTime
MultiByteToWideChar
VirtualAllocEx
OpenFile
GetFileAttributesExA

comctl32

ImageList_Create
ImageList_LoadImageW

ole32

OleCreateMenuDescriptor
OleSetClipboard
RevokeDragDrop
OleSetContainedObject

user32

RegisterClassW
GetFocus
CreateMenu
CreateIconFromResource
DispatchMessageA
HiliteMenuItem
GetWindowRgn
SetWindowsHookExA
CharNextA

ws2_32

WSAConnect
WSANtohs
WSASetServiceW
WSARecv

Sections

.text
Size: 40KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f3c834589b463d94e4387ba4e8dace6

Headers

File Characteristics

Imports

advapi32

version

kernel32

comctl32

ole32

user32

ws2_32

Sections

.text Size: 40KB - Virtual size: 256KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 40KB - Virtual size: 256KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB