3024934e16b707cc3ab1dae85d5b77f7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3024934e16b707cc3ab1dae85d5b77f7_JaffaCakes118
Size

3.7MB
MD5

3024934e16b707cc3ab1dae85d5b77f7
SHA1

091600ebd7bc65b030aedc765122be7b5c8b8f95
SHA256

e8fee4f893babd87392db71b54847a03521ef9ceec5b3de47e24a6eafac4db32
SHA512

407cb052a1984bcc9ddd2eb809cabc66d66ac677510be3f55125b5a6d0fdf4e73bd91e3e72cef79fb312de928f1e41161f9a3705544c3fed8c26a2980c0b71ab
SSDEEP

98304:wNDba8eVjcWUvkqApq+fjemkdqs4IBd3ADgwe5qebikTh2qkBRd8uqA0a1J5yn:wNi8yjcfsXsIX2OvS552q1u+a1Kn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3024934e16b707cc3ab1dae85d5b77f7_JaffaCakes118

Files

3024934e16b707cc3ab1dae85d5b77f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44e1faee3b8560ad2d4a1623c2909f77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingW
GetEnvironmentStrings
GetCommandLineW
OpenEventW
GetThreadLocale
OpenMutexA
FormatMessageA
TlsGetValue
SizeofResource
FlushFileBuffers
GetVersion
UnhandledExceptionFilter
QueryPerformanceCounter
lstrcpynA
GetFileAttributesW
IsBadWritePtr
TlsFree
GetLastError
VirtualAlloc
FindNextFileW
GetCommandLineA
GetDriveTypeA
FindResourceW
GetModuleHandleW
FindResourceA
ReleaseSemaphore
GetComputerNameW
OpenEventA
ResumeThread
GetModuleHandleA
GetStdHandle
Sleep
GetTickCount
SetUnhandledExceptionFilter
GetFileSize
GetExitCodeProcess
GetFileAttributesA
SetLastError
GetDriveTypeW
WriteProfileStringW
LeaveCriticalSection
ExitProcess
DeleteFileA
CreateMutexW
MapViewOfFile
GetCurrentDirectoryW
LocalFree
GetLocaleInfoW
WaitForSingleObject
GetACP
CreateEventA

user32

CheckRadioButton
SetWindowLongA
SetRect
DrawTextA
PostMessageA
CheckMenuItem
RegisterClassExW
UnregisterClassA
CharLowerW
GetWindowLongA
SetWindowPos
CopyRect
GetWindowTextW
LoadStringW
EnableMenuItem
DestroyMenu
ClientToScreen
PeekMessageW
UpdateWindow
RegisterClipboardFormatW
EndDialog
SystemParametersInfoW
GetWindowRect

advapi32

AddAce
RegFlushKey
SetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetUserNameW
SetEntriesInAclW
InitializeAcl
SetThreadToken
GetAce
QueryServiceStatus
RevertToSelf
QueryServiceConfigW
GetSidIdentifierAuthority
LsaQueryInformationPolicy
DeleteService
LookupPrivilegeValueW
CryptAcquireContextA
SetSecurityDescriptorOwner
RegEnumValueA
IsValidSid
RegQueryInfoKeyW
CryptDestroyKey
RegSetValueA
RegOpenKeyA
RegCloseKey
GetTokenInformation
ConvertSidToStringSidW
CryptCreateHash
CloseServiceHandle
CryptHashData
LsaOpenPolicy
RegDeleteKeyW
OpenSCManagerW
SetSecurityDescriptorGroup
RegCreateKeyExA
SetFileSecurityW
ReportEventW
AllocateAndInitializeSid
RegQueryInfoKeyA
DeregisterEventSource
ConvertStringSidToSidW
CryptGenRandom
LsaFreeMemory
RegOpenKeyW
GetSecurityDescriptorOwner
LookupAccountNameW
RegEnumKeyA
RegEnumValueW
UnlockServiceDatabase
GetTraceLoggerHandle

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 7KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44e1faee3b8560ad2d4a1623c2909f77

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

DATA Size: 4KB - Virtual size: 4KB

.textbss Size: 7KB - Virtual size: 6KB

.bss Size: 2KB - Virtual size: 1KB

.bss Size: 6KB - Virtual size: 5KB

.bss Size: 1KB - Virtual size: 3.5MB

.bss Size: 4KB - Virtual size: 4KB

.tls Size: 8KB - Virtual size: 7KB

.bss Size: 6KB - Virtual size: 6KB

.tls Size: 7KB - Virtual size: 2.4MB

BSS Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 7KB

.rsrc Size: 98KB - Virtual size: 100KB

.text
Size: 3.5MB - Virtual size: 3.5MB

DATA
Size: 4KB - Virtual size: 4KB

.textbss
Size: 7KB - Virtual size: 6KB

.bss
Size: 2KB - Virtual size: 1KB

.bss
Size: 6KB - Virtual size: 5KB

.bss
Size: 1KB - Virtual size: 3.5MB

.bss
Size: 4KB - Virtual size: 4KB

.tls
Size: 8KB - Virtual size: 7KB

.bss
Size: 6KB - Virtual size: 6KB

.tls
Size: 7KB - Virtual size: 2.4MB

BSS
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 7KB

.rsrc
Size: 98KB - Virtual size: 100KB