3c13c57ad252bc64cf6c575300fb78a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c13c57ad252bc64cf6c575300fb78a1_JaffaCakes118
Size

4.4MB
MD5

3c13c57ad252bc64cf6c575300fb78a1
SHA1

7ba09c4fdaca47d78496bbea2690562620c9c276
SHA256

551f40133798cb9b0e29f81e0cb56a052237b13c9da438727bde976ec60dc722
SHA512

0bdd30a34bf0d6ec9594b915c2393f03564ebddf6cbd29f138dab646092d8e9a6e82ae1dfdd182a6557e5de0918360a533029b4d16306837bcc029d2aa156afb
SSDEEP

24576:blCDwVyja8cRQC/ActPKhE2Tu+NezDP387IXDj/Wr8agm/iOPF+Y9I6R3h0P5xZ:RCYRQpz4TXnAa7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c13c57ad252bc64cf6c575300fb78a1_JaffaCakes118

Files

3c13c57ad252bc64cf6c575300fb78a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1ba0a4c323158ed80344c9e265f2424b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
CreateSemaphoreW
GetLastError
IsValidLocale
CreateFiberEx
HeapSize
HeapFree
HeapDestroy
VirtualAllocEx
GlobalAlloc
GetVersionExW
LockResource
MultiByteToWideChar
LCMapStringW
HeapReAlloc
HeapAlloc
WideCharToMultiByte
RtlUnwind
GetCommandLineW
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW

advapi32

RegDeleteKeyW
OpenSCManagerW
RegSetValueExW
RegCloseKey

gdi32

GetBkMode
GetFontUnicodeRanges

user32

GetDC
GetMenuDefaultItem
ShowWindowAsync
UpdateLayeredWindow
GetCursor

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aohn8
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ba0a4c323158ed80344c9e265f2424b

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 7.3MB

.aohn8 Size: 73KB - Virtual size: 73KB

.rsrc Size: 4.3MB - Virtual size: 4.3MB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 7.3MB

.aohn8
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 4.3MB - Virtual size: 4.3MB