3aee3dae3bc5f6c6b54dbb935595d2a4_JaffaCakes118

General

Target

3aee3dae3bc5f6c6b54dbb935595d2a4_JaffaCakes118
Size

63KB
MD5

3aee3dae3bc5f6c6b54dbb935595d2a4
SHA1

bb5a27c0b45d75b925c77d7839a37022ee71a4ca
SHA256

699944c531f6d0c7abd4e7fc6fc7ff75edcd327d2dc1b106ab29cb579f182389
SHA512

29039a6734d3495d96153df404a121e7e1c97a25befcd916f24d876e5ff66350b333515e10cbdcf86e1b687c41c718ca0e86f11e2e405835abd4a4b70cc81068
SSDEEP

1536:g7oQkfFho1UySBZBR+mHNlz9OQkSIyg85K1AcmhOO:VFrySBxbNl5OQ3v58S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aee3dae3bc5f6c6b54dbb935595d2a4_JaffaCakes118

Files

3aee3dae3bc5f6c6b54dbb935595d2a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3eb936a67c1ee019dd592418578963d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FileTimeToDosDateTime
GetLastError
GetFileAttributesA
VirtualAlloc
CopyFileA
IsBadHugeWritePtr
CreateWaitableTimerW
GetDiskFreeSpaceA
SystemTimeToTzSpecificLocalTime
GetPrivateProfileIntW
DisableThreadLibraryCalls
GetFileInformationByHandle
CopyFileW
VirtualProtect
GetModuleHandleW
ExitProcess
LocalHandle
LoadLibraryA
GetCompressedFileSizeA
CreateSemaphoreA
MultiByteToWideChar
GetCurrentDirectoryA
CreateWaitableTimerA
RtlMoveMemory
HeapCreate
GetEnvironmentVariableA
OutputDebugStringA
GetStdHandle
GetCurrentDirectoryW
LocalReAlloc

msvcrt

sprintf
memcpy
getc
_vsnprintf
vprintf
ispunct
isupper
__p__wcmdln
_fileno
calloc
__RTDynamicCast

user32

GetClassLongW
LoadCursorFromFileA
CopyRect
LockSetForegroundWindow
GetWindowPlacement
ModifyMenuA
GetMonitorInfoW
LoadStringA
EmptyClipboard
LoadStringW

gdi32

SetPixel
CreateCompatibleDC
GetCurrentObject
GetDeviceCaps
CreateRectRgn
SetDIBitsToDevice
CreateFontIndirectW
CombineRgn
SetTextColor
GetNearestPaletteIndex
GetRgnBox
GetNearestColor

Exports

Exports

NkhntFfxnodz
NwqUwzneff

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3eb936a67c1ee019dd592418578963d

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 512B - Virtual size: 78B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 512B - Virtual size: 78B