3c947318b93d41e9ad1c54825d374b9c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c947318b93d41e9ad1c54825d374b9c_JaffaCakes118
Size

141KB
MD5

3c947318b93d41e9ad1c54825d374b9c
SHA1

29c4528acd7e03f0ade9f9490d1d22018c8c6644
SHA256

bd5e755d84f35412866963492bd1ddac2f52ba2a8808315f74d53bc0967e20e5
SHA512

29cbf3c1882b25007c3bcf91826cf6256e5fcc58fb9da0b612e57c9dbe54fd78b7cebf76b4ae888415c35fbf507988aac5d653c93faaafab4f98bef9212b96a9
SSDEEP

3072:29dieXfA2rnvBfHF7qQ9ROgtAp/S3c2ISPD3Osehnme2FPxgtKVWn:2/HnvFHsQjns/oeNYFZNe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c947318b93d41e9ad1c54825d374b9c_JaffaCakes118

Files

3c947318b93d41e9ad1c54825d374b9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10e9a735d6dccd484bdc15bd676cc98a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ResetEvent
lstrcpyA
lstrlenA
GetPrivateProfileSectionNamesA
lstrcatA
GetWindowsDirectoryA
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
GetPrivateProfileStringA
GetVersionExA
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
CreateProcessA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
RemoveDirectoryA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
MoveFileA
WritePrivateProfileStringA
GetCurrentProcess
OpenProcess
GetLocalTime
Sleep
InterlockedExchange
ExitProcess
HeapFree
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalSize
GetTickCount
LocalSize
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
Process32Next
lstrcmpiA
GetCurrentThreadId
DeviceIoControl
GetSystemInfo
GlobalMemoryStatus
FreeResource
SizeofResource
LoadResource
FindResourceA
ReleaseMutex
OpenEventA
SetErrorMode
GetModuleFileNameA
CreateMutexA
RtlUnwind
RaiseException
HeapAlloc
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetCommandLineA
GetVersion
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ujyhkuy
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10e9a735d6dccd484bdc15bd676cc98a

Headers

File Characteristics

Imports

kernel32

msvfw32

Sections

.text Size: 94KB - Virtual size: 94KB

.ujyhkuy Size: 6KB - Virtual size: 5KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 21KB - Virtual size: 25KB

.rsrc Size: 512B - Virtual size: 232B

.text
Size: 94KB - Virtual size: 94KB

.ujyhkuy
Size: 6KB - Virtual size: 5KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 21KB - Virtual size: 25KB

.rsrc
Size: 512B - Virtual size: 232B