3bdf689b5a7d0b8ed3cc0c39fd1501cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bdf689b5a7d0b8ed3cc0c39fd1501cd_JaffaCakes118
Size

533KB
MD5

3bdf689b5a7d0b8ed3cc0c39fd1501cd
SHA1

feb0a0b634432cf05fa11322a7ad226e83d3ee9a
SHA256

0e36717698d055c63ac04d17536b6cc74d103bee60dea132e079ac2076011a95
SHA512

f9afaf004a95429ab48745afc1bef7cfb73709cdbb100ee495526a76e3bd1a15d19d2f0aaffdf31497d3882971b8b33dd4c80442861aa81fc300aced4a46cadc
SSDEEP

12288:rEVU/t62ik59q1zBbtqFTExTePvqlyj6WHTMS98Swc/oO:zbigqztA4Mj1Gep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bdf689b5a7d0b8ed3cc0c39fd1501cd_JaffaCakes118

Files

3bdf689b5a7d0b8ed3cc0c39fd1501cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

909a67d88527d2e87e4394d986e537e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\yfkfh\phmn.PDB

Imports

kernel32

TlsAlloc
GetModuleFileNameA
GetFileType
GetTickCount
GetTimeFormatA
GetCurrentProcessId
GetCommandLineA
GlobalUnfix
GetCurrentProcess
LCMapStringA
GetEnvironmentStringsW
InterlockedIncrement
QueryPerformanceCounter
IsDebuggerPresent
GetCurrentThreadId
GetProfileStringA
GetSystemTimeAsFileTime
VirtualQuery
SetFilePointer
GetStringTypeA
SetConsoleCtrlHandler
GetStringTypeW
GetDateFormatA
GetPrivateProfileStringW
HeapSize
LeaveCriticalSection
GetConsoleCP
EnterCriticalSection
MoveFileA
SetLastError
SetUnhandledExceptionFilter
CreateFileA
CompareStringA
SetStdHandle
GetModuleFileNameW
GetProcessHeap
GetModuleHandleA
HeapCreate
GetOEMCP
GetCPInfo
GetStdHandle
VirtualFree
GetCommandLineW
TlsGetValue
FreeLibrary
EnumSystemLocalesA
GetLocaleInfoA
GetProcessAffinityMask
GetComputerNameW
TlsSetValue
WriteConsoleW
HeapReAlloc
FindFirstFileExW
FreeEnvironmentStringsW
FreeLibraryAndExitThread
GetPrivateProfileSectionA
LCMapStringW
HeapValidate
RtlUnwind
WriteFile
GetCalendarInfoA
WideCharToMultiByte
LoadLibraryA
CompareStringW
UnhandledExceptionFilter
GetCurrentThread
GetConsoleMode
IsValidCodePage
GetStartupInfoW
MultiByteToWideChar
ReadFile
CloseHandle
DeleteCriticalSection
GetTimeZoneInformation
GetVersionExA
SetCurrentDirectoryW
GetLocaleInfoW
VirtualAlloc
GetProcAddress
WriteConsoleA
RemoveDirectoryA
InterlockedDecrement
GetSystemDirectoryA
GetLogicalDrives
SetPriorityClass
IsValidLocale
HeapAlloc
GetEnvironmentVariableW
TerminateProcess
ExitProcess
OpenMutexA
GetACP
TlsFree
GetCurrencyFormatA
HeapDestroy
GlobalGetAtomNameA
InitializeCriticalSection
SetEnvironmentVariableA
GlobalGetAtomNameW
FreeEnvironmentStringsA
FlushFileBuffers
GetCurrencyFormatW
Sleep
SetHandleCount
GetUserDefaultLCID
GetConsoleOutputCP
GetEnvironmentStrings
GetStartupInfoA
InterlockedExchange
CreateMutexA
GetLastError
GetThreadContext
HeapFree

advapi32

CryptDeriveKey
LookupSecurityDescriptorPartsA
RegLoadKeyW
CreateServiceW
RegSetKeySecurity
GetUserNameA
RegCreateKeyExW
RegDeleteValueA
CryptGetUserKey
InitiateSystemShutdownW
LookupPrivilegeNameA
RegDeleteValueW
DuplicateToken
CryptSetProvParam
GetUserNameW
RegConnectRegistryW
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
InitializeSecurityDescriptor

shell32

SHFileOperation
SheChangeDirExW

comdlg32

GetFileTitleA
PrintDlgW
FindTextA

comctl32

InitCommonControlsEx

user32

CharToOemBuffW
InflateRect
PostMessageA
FreeDDElParam
RegisterClassA
RemoveMenu
SetClassWord
GetWindowRgn
RegisterClassExA
EmptyClipboard
ShowWindowAsync

gdi32

DrawEscape
EndDoc
PlayMetaFileRecord
ColorMatchToTarget
GetRegionData
CopyEnhMetaFileW
SetTextAlign
GetTextExtentPoint32A
LineDDA
SetDIBits

Sections

.text
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

909a67d88527d2e87e4394d986e537e0

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

comdlg32

comctl32

user32

gdi32

Sections

.text Size: 342KB - Virtual size: 341KB

.rdata Size: 69KB - Virtual size: 79KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 342KB - Virtual size: 341KB

.rdata
Size: 69KB - Virtual size: 79KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 15KB - Virtual size: 14KB