3c99b059119dc0bf1ec630dd7e8b9631_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c99b059119dc0bf1ec630dd7e8b9631_JaffaCakes118
Size

2.0MB
MD5

3c99b059119dc0bf1ec630dd7e8b9631
SHA1

ee2118989eead93dc6c4c13ab16a4deaeaf37219
SHA256

afb81228590b4eff9c279f67df78e13ec7ae922c3e0209f17cea7f5741c10643
SHA512

532d36f9a7fd23b376a232bb9ae2a57c4ba564a1cfef3e35ac9bafb1ab07a807c6c0f1099de88b299e5946e27b1bb3c24e9fb46e2abdf4144ab05825ffaaa131
SSDEEP

49152:cRXuLYNsfZIzWWxI6JmgNim33Vh8vO4C31EwpRcLTe:wKYNuIzWWxI6JmkhlnD3uLTe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c99b059119dc0bf1ec630dd7e8b9631_JaffaCakes118

Files

3c99b059119dc0bf1ec630dd7e8b9631_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6285bac55ccb47e3aa648290a1dd3f1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExA
GetCommandLineW
VirtualProtect
ReadFile
GetShortPathNameW
SetEnvironmentVariableW
GetUserDefaultLangID
FreeLibrary
_llseek
SetNamedPipeHandleState
GetProcessHeap
GetCPInfo
OpenSemaphoreW
GetCompressedFileSizeW
LocalAlloc
GetTempPathW
SystemTimeToFileTime
LoadResource
PulseEvent
GetSystemTimeAdjustment
GetWindowsDirectoryA
SetErrorMode
IsBadReadPtr
SetProcessShutdownParameters
QueryDosDeviceW
FlushFileBuffers
DuplicateHandle
CreateProcessA
VirtualAllocEx
GetACP
lstrcmpiA
PrepareTape
EnumDateFormatsW
GetVersion
CreateDirectoryA
SetConsoleWindowInfo
CopyFileExW
lstrcatW
LocalReAlloc
SwitchToFiber
WriteFile
GetEnvironmentVariableW
GetCurrentProcessId
LCMapStringA
EraseTape
ExitProcess

oleaut32

SysStringLen
SysFreeString
LoadTypeLi
SafeArrayGetElement
VariantChangeType
SysAllocStringLen

user32

BringWindowToTop
GetDoubleClickTime
TrackPopupMenu
IsCharAlphaA
GetClassLongA
GetSysColorBrush
KillTimer
SetUserObjectInformationW
ChangeClipboardChain
IsWindow
GetClientRect
DefMDIChildProcW
GetDlgItem
CharUpperA
SetRect
PeekMessageW
SetMenuDefaultItem
MoveWindow
LoadCursorA
GetSystemMetrics
RegisterWindowMessageW
ChangeMenuW
MonitorFromRect

advapi32

InitializeAcl
CryptGetHashParam
GetCurrentHwProfileW
CloseServiceHandle
LogonUserW
OpenProcessToken
RegSetValueExA
GetUserNameA
CryptGenKey
LookupAccountNameA
RegOpenKeyA
OpenSCManagerW

Sections

.text
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6285bac55ccb47e3aa648290a1dd3f1e

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

advapi32

Sections

.text Size: 2KB - Virtual size: 219KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 219KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB