b3e4b31dcfd2c738d32a67957024905e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3e4b31dcfd2c738d32a67957024905e_JaffaCakes118
Size

2.4MB
MD5

b3e4b31dcfd2c738d32a67957024905e
SHA1

75f16cc43204b4aaf542f9ca827055a1c278f5cc
SHA256

d7e2ef817bce0f21baf87dc89b08d3b65ef5dcd463e6c5101dc8ce26d55c435f
SHA512

00e607cad8ee088b8ceec00f80eb2f905643ea7ab3c6e1de261931d95d67428a5aa398bb0660478b911128a335d6238d813cfa6f4aa0e1ec5ed2a4412e1d8d72
SSDEEP

49152:KaibNXTKD5fowf3ywg/UsbjC/uXSSKepX46W7k:18Y6wf3ywgssjC/uXVIx7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3e4b31dcfd2c738d32a67957024905e_JaffaCakes118

Files

b3e4b31dcfd2c738d32a67957024905e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6514b6cef40a32587e738d0edb8de504

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegFlushKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comdlg32

GetOpenFileNameW

gdiplus

GdipCreateBitmapFromFile
GdipDisposeImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdiplusShutdown
GdiplusStartup

kernel32

CloseHandle
CreateFileA
CreateFileW
CreateMutexW
DeleteCriticalSection
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockResource
MultiByteToWideChar
OpenMutexW
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
SetLastError
RtlUnwind
SetEndOfFile
SetFilePointer
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrlen

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

GetErrorInfo
SysAllocString
SysFreeString
VariantClear

shell32

CommandLineToArgvW
ShellExecuteW

user32

ChangeDisplaySettingsW
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
EnumDisplayDevicesW
EnumDisplaySettingsW
GetDesktopWindow
GetMessageW
GetSystemMetrics
LoadIconW
MessageBoxA
MessageBoxW
PostMessageW
RedrawWindow
RegisterClassW
SendMessageW
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TranslateMessage
UpdateWindow

winmm

waveOutGetVolume
waveOutSetVolume

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Geddon
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6514b6cef40a32587e738d0edb8de504

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

gdiplus

kernel32

ole32

oleaut32

shell32

user32

winmm

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 16KB - Virtual size: 16KB

.text1 Size: 448KB - Virtual size: 448KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 192KB - Virtual size: 192KB

.pdata Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 364KB - Virtual size: 364KB

.Geddon Size: 4KB - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 16KB - Virtual size: 16KB

.text1
Size: 448KB - Virtual size: 448KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 192KB - Virtual size: 192KB

.pdata
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 364KB - Virtual size: 364KB

.Geddon
Size: 4KB - Virtual size: 4KB