3bb7e87d2f57bd9583b8a62ed264484f_JaffaCakes118

General

Target

3bb7e87d2f57bd9583b8a62ed264484f_JaffaCakes118
Size

828KB
MD5

3bb7e87d2f57bd9583b8a62ed264484f
SHA1

0d5036093d07a4d89ccb3a14461a18f8cc47f0df
SHA256

a941a023ce28724eebae461dcbef9c55f3d1c29d087a9e70d6ec265f957948c0
SHA512

bcfbcd1d2d21fc02088de438fda04da5cd5d7ee3fb9d68c65c12b204c96018bb80814bac2b54b92e73a73300aa7fd09ce28fd4557c9bee318b9392a59b05de14
SSDEEP

12288:2q4CN6vCUQx6lQ+nEhAK7LuJcBWxe5dMerRyhzd:u3KTx6lQgs37LuOJce8Nd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb7e87d2f57bd9583b8a62ed264484f_JaffaCakes118

Files

3bb7e87d2f57bd9583b8a62ed264484f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3577d3b635853fe01c53bea3d154f76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FlushFileBuffers
ExitThread
ReadConsoleInputW
VirtualQuery
GetProfileIntA
LocalAlloc
GetTempFileNameA
FormatMessageW
TryEnterCriticalSection
LocalSize
ReadDirectoryChangesW
GetVersion
GetTapeParameters
FindFirstFileW
IsValidLocale
FreeResource
GetProcessTimes
LeaveCriticalSection
SetTimeZoneInformation
SetNamedPipeHandleState
DuplicateHandle
FreeLibraryAndExitThread
GenerateConsoleCtrlEvent
WriteFile
SearchPathW
WritePrivateProfileSectionW
ClearCommBreak
FreeEnvironmentStringsA
CreateIoCompletionPort
GetHandleInformation
_lread
SetThreadAffinityMask
GetBinaryTypeW
GetShortPathNameW
GetSystemDirectoryW
lstrcmpA
GetWindowsDirectoryA
LCMapStringA
CreateFileW
EndUpdateResourceA
FreeLibrary
SetConsoleWindowInfo
GetThreadContext
GlobalFlags
IsBadReadPtr
GetConsoleMode
lstrcpynA
GlobalUnlock
GetCommModemStatus
DosDateTimeToFileTime
GlobalAddAtomW
CompareStringW
PulseEvent
Beep
GetModuleFileNameW

user32

GetWindowLongA
TrackPopupMenuEx
ExcludeUpdateRgn
IsCharAlphaNumericW
EnumWindowStationsW
LoadMenuIndirectW
CreateDialogIndirectParamA

oleaut32

LoadTypeLibEx

ole32

OleQueryLinkFromData
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoTaskMemRealloc

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3577d3b635853fe01c53bea3d154f76

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

ole32

Sections

.text Size: 358KB - Virtual size: 358KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 404KB - Virtual size: 404KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 358KB - Virtual size: 358KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 404KB - Virtual size: 404KB

.rsrc
Size: 60KB - Virtual size: 60KB