fff3b790df883d2501a3a407b2da47da_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fff3b790df883d2501a3a407b2da47da_JaffaCakes118
Size

435KB
MD5

fff3b790df883d2501a3a407b2da47da
SHA1

3061d27472c8d405844c9fdcbcc67da1703c97d6
SHA256

970cb1cc8c0b58441aeb31287f0af097c21e18ff498a8a376a26b01b70514909
SHA512

3504682a5c0448e48b031828cdea3fd9f9985e3957221376864da9a0e6bb9776f9628f04875cc7010b00f8c10c2fb19808ae5de2ddbb84536e43b5d2da992f34
SSDEEP

6144:RTmWSTjbdk59HBxomB/s3FPl6Jgg51jIFeskoLXlY6IB74dYypmndI36Yn94t35W:cjJp5RWr2DpmnmuVS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fff3b790df883d2501a3a407b2da47da_JaffaCakes118

Files

fff3b790df883d2501a3a407b2da47da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9dff2ad8d7e5bc418ad872d8d65dfe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesW
OffsetClipRgn
GdiPlayJournal
SetMagicColors
PtInRegion
GetEnhMetaFileW
GetEnhMetaFileDescriptionW
Chord
CopyEnhMetaFileW
PlayMetaFile
GetClipRgn
GetObjectA
DeleteEnhMetaFile
RestoreDC
CloseEnhMetaFile
GetTextCharacterExtra

advapi32

StartServiceA
LookupPrivilegeDisplayNameW
GetUserNameW
CryptAcquireContextW
DuplicateToken
CryptSetProviderW
CryptGetProvParam
StartServiceW
RegLoadKeyW
LookupPrivilegeValueW
CryptCreateHash
RegRestoreKeyW
RegQueryValueExA
RegConnectRegistryA

wininet

InternetTimeFromSystemTimeA

user32

SetWindowContextHelpId
DialogBoxParamA
ChildWindowFromPoint
SetSystemCursor
SetClassWord
InsertMenuA
DestroyCursor
ReuseDDElParam
MessageBoxIndirectA
OemToCharW
DdePostAdvise

kernel32

ExitProcess
GetCommandLineA
HeapReAlloc
TlsAlloc
GetDateFormatA
GetLogicalDriveStringsW
TerminateProcess
SetHandleCount
LCMapStringA
WriteFile
IsDebuggerPresent
GetCommandLineW
IsValidCodePage
HeapFree
GetModuleFileNameW
TlsGetValue
SetConsoleCtrlHandler
WideCharToMultiByte
GetTickCount
VirtualAlloc
GetProcessHeap
FreeEnvironmentStringsW
LeaveCriticalSection
VirtualFree
GetCurrentProcessId
CompareStringW
LoadLibraryExW
EnterCriticalSection
GetLastError
VirtualQuery
FreeEnvironmentStringsA
GetStringTypeA
GetTimeZoneInformation
GetStartupInfoA
HeapSize
EnumSystemLocalesA
SetLastError
GetVersionExA
GetModuleFileNameA
LoadLibraryA
GetCPInfo
UnhandledExceptionFilter
IsValidLocale
GetProcAddress
SetEnvironmentVariableA
GetCurrentThread
HeapCreate
GetStringTypeW
GetUserDefaultLCID
HeapAlloc
GetEnvironmentStrings
GetCurrentThreadId
GetEnvironmentStringsW
TlsSetValue
GetModuleHandleA
QueryPerformanceCounter
Sleep
GetFileType
GetSystemTimeAsFileTime
TlsFree
GetCurrentProcess
InitializeCriticalSection
MultiByteToWideChar
GetOEMCP
GetStdHandle
GetLocaleInfoA
HeapDestroy
DeleteCriticalSection
FreeLibrary
GetLocaleInfoW
InterlockedDecrement
RtlUnwind
CompareStringA
GetTimeFormatA
GetACP
SetUnhandledExceptionFilter
LCMapStringW
InterlockedIncrement
GetStartupInfoW
InterlockedExchange

comdlg32

GetSaveFileNameA
GetFileTitleW
ChooseFontA
ChooseColorA
GetSaveFileNameW
ChooseColorW
PageSetupDlgW
ReplaceTextA
PrintDlgA

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9dff2ad8d7e5bc418ad872d8d65dfe4

Headers

File Characteristics

Imports

gdi32

advapi32

wininet

user32

kernel32

comdlg32

Sections

.text Size: 157KB - Virtual size: 156KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 157KB - Virtual size: 156KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 2KB - Virtual size: 1KB