Static task: static1
Behavioral task: behavioral1
  Sample: 3d8fcee81a71dc88745ffd7282e9f8e6_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 3d8fcee81a71dc88745ffd7282e9f8e6_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 3d8fcee81a71dc88745ffd7282e9f8e6_JaffaCakes118
Size: 257KB
MD5: 3d8fcee81a71dc88745ffd7282e9f8e6
SHA1: 0c032a6f09c9bcec27b2710e499493cc91290618
SHA256: e93e2e6d9f76aea2186a70ef7623666e7a2bcf5b4483e4e61c580853766039ea
SHA512: fb8a07fade08e4f8446ff056c25aa78fd64095b767896fec4910c49c1caf76eb056a51da5ee906fe5554f6c86cdc7d02c0042d377dcd3588071bd57ea58b4c20
SSDEEP: 6144:D7XuoyxGikAuP7b+PWoWEiEek0HihYbvBUT2lvWO7QuBcVATSa6JfwLqojg:D7aE5AuDKDiE2Hi2qT29WO7QpVA+a6mQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d8fcee81a71dc88745ffd7282e9f8e6_JaffaCakes118
Files
3d8fcee81a71dc88745ffd7282e9f8e6_JaffaCakes118.exe windows:4 windows x86 arch:x86
c64b8eb54e36aa87de8401b034714a25
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentStringsW
FlushFileBuffers
TlsFree
DebugBreak
RtlUnwind
IsBadReadPtr
CloseHandle
GetCurrentProcess
HeapDestroy
VirtualAlloc
UnhandledExceptionFilter
SetStdHandle
HeapReAlloc
GetStringTypeA
GetCommandLineW
GetStdHandle
GetCommandLineA
TlsSetValue
GetModuleFileNameA
GetEnvironmentStrings
InterlockedIncrement
ExitProcess
GetLastError
InterlockedDecrement
LeaveCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
HeapValidate
GetCPInfo
SetConsoleCtrlHandler
QueryPerformanceCounter
FindFirstFileExW
SetHandleCount
GetThreadContext
WriteFile
GetCurrentThreadId
GetACP
HeapAlloc
GetVersion
HeapFree
IsBadWritePtr
VirtualFree
GetCurrentProcessId
VirtualQueryEx
LCMapStringA
InitializeCriticalSection
GetConsoleTitleA
OutputDebugStringA
FreeEnvironmentStringsW
GetOEMCP
LCMapStringW
GetCurrentThread
SetLastError
TlsGetValue
FindNextFileW
DeleteCriticalSection
GetModuleHandleA
GetDiskFreeSpaceW
GetFileType
VirtualFreeEx
LockFileEx
WideCharToMultiByte
GetDriveTypeW
GetNamedPipeInfo
FreeEnvironmentStringsA
MultiByteToWideChar
GetProcAddress
GetStartupInfoA
GetStringTypeW
EnterCriticalSection
TlsAlloc
InterlockedExchange
SetFilePointer
TerminateProcess
HeapCreate
VirtualQuery
advapi32
RegDeleteValueA
CryptSetProviderW
RegOpenKeyExW
LookupSecurityDescriptorPartsW
LogonUserA
RegCloseKey
RegReplaceKeyA
CryptDestroyKey
CryptDecrypt
AbortSystemShutdownA
RegOpenKeyA
LookupAccountNameW
CryptEncrypt
RegConnectRegistryA
CryptContextAddRef
gdi32
SetWindowExtEx
CreatePolyPolygonRgn
CreateRectRgnIndirect
PtInRegion
GetCurrentPositionEx
GetWindowOrgEx
GetTextExtentPointW
CreateFontW
GetCharWidthFloatW
GetOutlineTextMetricsA
GetDCOrgEx
CloseMetaFile
ExtCreateRegion
Sections
.text Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ