Static task: static1
Behavioral task: behavioral1
Sample: 3c89e3c89474bad051206672c60cdfe9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 3c89e3c89474bad051206672c60cdfe9_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 3c89e3c89474bad051206672c60cdfe9_JaffaCakes118
Size: 21KB
MD5: 3c89e3c89474bad051206672c60cdfe9
SHA1: eeadce79edd01624b606a8353251e79ec30d8c0a
SHA256: 7e001bbb4d0830ca6a6bc3f6a12f9cae0c1b1737cfe6a2c55f6f25a2e9e4f2f6
SHA512: 0da0ef1a1b6cf47fdee2f768e62d1b26f662fd5f4dff2c4f60dfb45fa48a8ee6082a05890e6f048a6cfee8f7053aa8599c2a9a1824fbb58901862fed8f017ee7
SSDEEP: 192:rTASgsU96whPv5BmnIu/4Runx+g8srH2IVx76eLS6GNLSA9LtjA572:o3sUzBmIh8nxb8BIVmNLSAVFAa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c89e3c89474bad051206672c60cdfe9_JaffaCakes118
Files
3c89e3c89474bad051206672c60cdfe9_JaffaCakes118.exe windows:5 windows x86 arch:x86
bd4512990ad8ffed025f582b3c1eee4e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GetCurrentProcess
GetCurrentThreadId
GetFileAttributesA
GetTempPathA
lstrlenA
SetFileAttributesA
LocalLock
SetFileAttributesA
GetVersion
GlobalUnlock
CreateDirectoryA
LoadLibraryExA
CreateFileA
CreateThread
SetFileTime
GetStartupInfoA
GlobalAlloc
GetModuleHandleA
WriteFile
FreeLibrary
RemoveDirectoryA
GetExitCodeProcess
GetDriveTypeA
GetSystemInfo
CreateProcessA
CreateEventA
GlobalFree
FreeResource
GetTickCount
SizeofResource
MulDiv
FindResourceA
VirtualQuery
CloseHandle
lstrcmpA
lstrcatA
GetWindowsDirectoryA
SetCurrentDirectoryA
IsDBCSLeadByte
ExitProcess
GetSystemDirectoryA
GetLastError
ResetEvent
_lopen
FindFirstFileA
LoadResource
LocalAlloc
_lclose
lstrcmpiA
FormatMessageA
lstrcpynA
CreateMutexA
SetEvent
lstrcpyA
FindClose
GlobalLock
_llseek
GetVersionExA
TerminateThread
GetDiskFreeSpaceA
GetCommandLineA
GetModuleFileNameA
GetShortPathNameA
GetCurrentProcessId
UnhandledExceptionFilter
GetVolumeInformationA
ReadFile
GetCurrentDirectoryA
SetUnhandledExceptionFilter
SetDllDirectoryA
LockResource
GetTempFileNameA
FindNextFileA
LocalFree
SetFilePointer
GetProcAddress
advapi32
RegCloseKey
EqualSid
RegCreateKeyExA
OpenProcessToken
RegQueryInfoKeyA
AdjustTokenPrivileges
RegSetValueExA
FreeSid
RegQueryValueExA
GetTokenInformation
RegDeleteValueA
RegOpenKeyExA
user32
ExitWindowsEx
CharPrevA
wsprintfA
GetDesktopWindow
SetWindowTextA
SendMessageA
GetDlgItem
CharNextA
EndDialog
PeekMessageA
ShowWindow
EnableWindow
GetWindowRect
MessageBeep
DispatchMessageA
GetWindowLongA
LoadStringA
SetWindowLongA
SetDlgItemTextA
CharUpperA
MessageBoxA
SetWindowPos
GetDlgItemTextA
CallWindowProcA
GetSystemMetrics
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
gdi32
GetDeviceCaps
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vfpe Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 129KB - Virtual size: 259KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ