3c43a6f9c68c0eedd91d121021c1bef8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c43a6f9c68c0eedd91d121021c1bef8_JaffaCakes118
Size

771KB
MD5

3c43a6f9c68c0eedd91d121021c1bef8
SHA1

58acaa5aee6689940f984be3232c71f5a7ae9647
SHA256

daa80283bd95643acda4b24b79974870770626ae5a06a8afc01badb2ef031cb4
SHA512

7b292e24ebe075c76fbc2daef7e4aef9ae3032eb89a15473c99928bd263d75bf16382f06b93b720f3a00f548519380d54b3d28b5c46c10772625dd6d34ef9dcb
SSDEEP

12288:lV+bOHnCgKWzZc296uSnbG2u8OADUhEWG0Dajdxrj:/+bGCx24uk3u8OADLcORxX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c43a6f9c68c0eedd91d121021c1bef8_JaffaCakes118

Files

3c43a6f9c68c0eedd91d121021c1bef8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fd497cfaef1fd9b3d9f2987fb1cfd836

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
CryptSetProviderA
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegDeleteValueW
CryptSignHashA
RegCreateKeyExW
CryptVerifySignatureA
RegEnumValueW
RegSetValueExA
RegCloseKey
RegEnumValueA
RegEnumKeyExA
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyA
CryptAcquireContextA
RegSetValueExW
RegQueryValueExA
RegCreateKeyExA

shell32

ShellExecuteW
Shell_NotifyIconW

dnsapi

DnsDhcpSrvRegisterHostName
DnsApiFree
DnsApiAlloc

comdlg32

PrintDlgA
GetOpenFileNameA

ws2_32

WSAEventSelect
WSALookupServiceEnd
WSASocketW
WSAAddressToStringW
WSASendTo
WSARecvFrom
WSAAddressToStringA
WSALookupServiceNextW
getnameinfo
WSAIoctl
WSALookupServiceBeginW
getaddrinfo
freeaddrinfo
WSAStringToAddressA

comctl32

PropertySheetW
ImageList_Draw
CreatePropertySheetPageW
CreateToolbarEx
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize

wmi

WmiNotificationRegistrationW

shlwapi

PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathIsUNCW

crypt32

CertFindCertificateInStore
CertFreeCertificateContext
CertOpenStore
CryptUnprotectData
CertCloseStore

kernel32

LocalAlloc
InterlockedExchange
GetModuleHandleA
LocalReAlloc
GlobalReAlloc
SetThreadPriority
HeapDestroy
GetAtomNameW
TerminateProcess
HeapCreate
SetFileTime
GetCurrentDirectoryA
FindFirstFileW
WideCharToMultiByte
GetDriveTypeW
GetThreadLocale
WriteFile
SetErrorMode
GetStringTypeExW
SetCurrentDirectoryA
DeleteFileW
TlsFree
VirtualAlloc
InitializeCriticalSection
ResetEvent
SetEndOfFile
ResumeThread
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
SetFilePointer
InterlockedDecrement
HeapSize
FlushFileBuffers
FindClose
CreateFileW
GetVolumeInformationW
TlsSetValue
GlobalFlags
VirtualFree
GetCurrentProcess
GlobalAlloc
GetLastError
GetPrivateProfileIntW
CreateProcessW
GetCommandLineA
GlobalUnlock
GetModuleFileNameW
GetOEMCP
GetProcessHeap
GetStdHandle
CopyFileW
LCMapStringA
ConvertDefaultLocale
UnhandledExceptionFilter
LoadLibraryA
RtlUnwind
GlobalSize
GlobalAddAtomW
CreateEventW
GetCurrentThreadId
SetFileAttributesW
lstrcpyA
LocalFileTimeToFileTime
CompareStringW
GetSystemInfo
FormatMessageW
LoadResource
GlobalHandle
GlobalFree
FreeEnvironmentStringsA
GlobalGetAtomNameW
ExitThread
GetFileAttributesW
GetCurrentThread
DuplicateHandle
GetVersion
CompareStringA
GetStartupInfoW
HeapReAlloc
GetVersionExW
HeapFree
TlsAlloc
WritePrivateProfileStringW
LCMapStringW
ExitProcess
CloseHandle
EnumResourceLanguagesW
lstrcmpiW
FileTimeToSystemTime
LeaveCriticalSection
lstrlenA
TlsGetValue
LockResource
SizeofResource
MulDiv
GetUserDefaultLCID
GlobalDeleteAtom
GetEnvironmentStrings
ReadFile
HeapAlloc
EnterCriticalSection
Sleep
GlobalLock
IsValidCodePage
FatalAppExitA
SetEvent
SetLastError
FileTimeToLocalFileTime
MoveFileW
DeleteCriticalSection
lstrcmpW
GetEnvironmentStringsW
GetFileAttributesA
GetShortPathNameW
GetVersionExA
InterlockedIncrement
GetCPInfo
GetFileSize
GetLocaleInfoW
GetCommandLineW
RaiseException
lstrlenW
UnlockFile
FindResourceW
WaitForSingleObject
LockFile
GetFullPathNameW
GetPrivateProfileStringW
lstrcmpA
GlobalFindAtomW
SetHandleCount
CreateThread
FindNextFileW
GetFileTime
GetACP
IsDebuggerPresent
SuspendThread
SystemTimeToFileTime
GetCurrentProcessId
FreeResource

user32

GetMessageTime
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
UpdateWindow
GetMessagePos
EqualRect
SetScrollRange
GetClassInfoExW
TrackPopupMenuEx
MapWindowPoints
ScrollWindow
ShowScrollBar
GetMenu
GetScrollRange

msvcrt

wcschr
_snwprintf
memmove
isupper
sprintf
wcslen
atol
strtoul
_wcsnicmp
_except_handler3
_wcsicmp
_ltoa
_ultoa
strncpy
wcscat
malloc
isxdigit
wcscmp
free
_ltow
isdigit
strncmp
bsearch
_initterm
_onexit
wcscpy
_adjust_fdiv
qsort
__dllonexit

rpcrt4

RpcStringBindingComposeW
RpcImpersonateClient

version

GetFileVersionInfoSizeA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 724KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd497cfaef1fd9b3d9f2987fb1cfd836

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

dnsapi

comdlg32

ws2_32

comctl32

wmi

shlwapi

crypt32

kernel32

user32

msvcrt

rpcrt4

version

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 7KB - Virtual size: 2.1MB

.rsrc Size: 724KB - Virtual size: 724KB

.rdata Size: 14KB - Virtual size: 14KB

.reloc Size: 512B - Virtual size: 36B

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 7KB - Virtual size: 2.1MB

.rsrc
Size: 724KB - Virtual size: 724KB

.rdata
Size: 14KB - Virtual size: 14KB

.reloc
Size: 512B - Virtual size: 36B