3bea04e490b35d387a5e8e85f888f549_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bea04e490b35d387a5e8e85f888f549_JaffaCakes118
Size

430KB
MD5

3bea04e490b35d387a5e8e85f888f549
SHA1

cfbe5bcf9a6c9c5a7348e9675c35b97bb56905f4
SHA256

0e57ccf0247fbd350f34df8e4435f4e0943bd882fd1633f5594f513074617e1d
SHA512

62895005b17aafd765e8fd332260add85987380455ad7c9fdd3f55a05ef9242a8e96b2ef2290c276f2f37abd1e48d47a4e4c10b409b0738785fa72170be14688
SSDEEP

12288:YV6YQNGpxUTQAM8O/S5bPbL67PS76Ew76OFW+K:Pq4TlM5/S5KPSmEWVFW+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bea04e490b35d387a5e8e85f888f549_JaffaCakes118

Files

3bea04e490b35d387a5e8e85f888f549_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca8659e505fba7f0159f443e7c793b46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
CreateProcessW
GetShortPathNameA
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
SetStdHandle
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
Sleep
GetTimeZoneInformation
GetProcAddress
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
GetDiskFreeSpaceA
FindFirstFileA
lstrcmpA
CreateProcessA
CompareStringW
GetProcessHeap
GlobalLock
DeleteFileW
SetEvent
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
lstrcmpiW
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
EnterCriticalSection
MapViewOfFile
WriteConsoleW
SetCurrentDirectoryA
InterlockedIncrement
GetVersion
SetEndOfFile
CreateEventW
GetConsoleMode
VirtualQuery
WriteConsoleA
GetEnvironmentVariableA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
SetHandleCount
GetUserDefaultLCID
LoadLibraryA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
GetTempPathA
FreeEnvironmentStringsW
LoadLibraryExW
ExpandEnvironmentStringsA
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
GetCurrentThreadId
InterlockedExchange
SizeofResource
IsValidCodePage
HeapCreate
WriteFile
VirtualFree
FindResourceA
VirtualAlloc
HeapFree
GetFullPathNameA

advapi32

RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey
RegSetValueExA

user32

GetWindowLongA
RegisterClassA
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
SetWindowPos
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetMessageA
SetTimer
GetActiveWindow
ClientToScreen
GetClientRect
SendMessageA
DefWindowProcA
GetCursorPos
GetDC
DispatchMessageA
IsWindow
LoadBitmapA
PostQuitMessage
DestroyMenu
MoveWindow
SetForegroundWindow
SetFocus
SetCapture
BeginPaint
DestroyWindow
KillTimer
MessageBeep
MessageBoxA
GetSysColor
IsWindowVisible
InvalidateRect
DrawTextA
CallWindowProcA
GetFocus
SetCursor
MapWindowPoints
GetSystemMetrics
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
TrackPopupMenu
ReleaseDC
GetDesktopWindow

oleaut32

VariantInit
SysFreeString
VariantClear
SysAllocString

gdi32

BitBlt
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
CreateCompatibleDC
CreateSolidBrush
SelectObject

msvcrt

_strcmpi
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
_cexit
_controlfp

Sections

.text
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca8659e505fba7f0159f443e7c793b46

Headers

File Characteristics

Imports

kernel32

advapi32

user32

oleaut32

gdi32

msvcrt

Sections

.text Size: 302KB - Virtual size: 302KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 302KB - Virtual size: 302KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 3KB - Virtual size: 3KB