3d61fcecdfec5a37f78b92c6ac66f053_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d61fcecdfec5a37f78b92c6ac66f053_JaffaCakes118
Size

562KB
MD5

3d61fcecdfec5a37f78b92c6ac66f053
SHA1

8fff8f38acbd4411c6d24a862d74f8ae4b69a2f0
SHA256

6f5e44d278fbe61d0ca027b0c846ff58caeed6212a71ac894d82763325e5940b
SHA512

0114a618071d8cb51479b1f6726919d563ad862f61ba61b360b7d76a2ec8c141f6908410932d9d19aab3852365be4a5da8a80bdf22f9353226bcded9e586f4cd
SSDEEP

12288:xUDbsmhddtcnltcnltcnltcnltcnltcnltcna:xULZtcnltcnltcnltcnltcnltcnltcna

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d61fcecdfec5a37f78b92c6ac66f053_JaffaCakes118

Files

3d61fcecdfec5a37f78b92c6ac66f053_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7a13f1d372d80d4d724b3d599c5684d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\workarea\8.66\drivers\2d\shared\smgart\Build\ntx\B_rel\ati2sgag.pdb

Imports

kernel32

GetCurrentProcess
TerminateProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
QueryPerformanceCounter
FlushFileBuffers
GetTimeZoneInformation
GetSystemInfo
VirtualProtect
SetConsoleCtrlHandler
GetCurrentProcessId
GetLastError
GetVersionExA
GetModuleFileNameA
GetCurrentThreadId
GetPrivateProfileIntA
GetCommandLineA
OutputDebugStringA
CreateFileA
SetFilePointer
GetLocalTime
WriteFile
CloseHandle
GetSystemDirectoryA
CreateProcessA
GetTickCount
lstrcpyA
GetModuleHandleA
GetProcAddress
GetLocaleInfoW
Sleep
VirtualAlloc
VirtualFree
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
FatalAppExitA
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
RaiseException
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
InterlockedExchange
VirtualQuery
LoadLibraryA
InitializeCriticalSection
SetStdHandle
GetSystemTimeAsFileTime

user32

PeekMessageA
PostMessageA
GetActiveWindow
EnumDisplaySettingsA
ChangeDisplaySettingsExA
wsprintfA
IntersectRect
WindowFromDC
MapWindowPoints
SystemParametersInfoA
GetWindowRect
GetSystemMetrics

gdi32

ExtEscape
CreateDCA
DeleteDC
GetClipBox

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
DeleteService
CreateServiceA
RegCreateKeyA
RegSetValueExA
DeregisterEventSource
RegisterEventSourceA
ReportEventA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegOpenKeyA
RegFlushKey
RegCloseKey
StartServiceCtrlDispatcherA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 460KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7a13f1d372d80d4d724b3d599c5684d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 460KB - Virtual size: 464KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 460KB - Virtual size: 464KB

.rsrc
Size: 4KB - Virtual size: 3KB