3dfd8c4737f5a372cd16d157bf877e07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3dfd8c4737f5a372cd16d157bf877e07_JaffaCakes118
Size

331KB
MD5

3dfd8c4737f5a372cd16d157bf877e07
SHA1

993484bf60f073554e2d25ad707421d0aa7ae6da
SHA256

e8f899c370ab6829b1135fbf35a1a4877ec5e85b01f43f03856e28be3e47a7ab
SHA512

bb1ed772fe48ce613decfb7c757452102ac3c0d5a680477beb4d3426ba1d7da98775bda417dd0f2220b194736fe608183dbb5594b8ab49be4d9531690628483d
SSDEEP

6144:rhPP6Wz365SluKUiN0DptGmL+7/Ij3UejCaE2ne2UqcwVRQgg0Fkipf5pF:NPyWz365SpBibL+g3/jy27CwokiiV5pF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dfd8c4737f5a372cd16d157bf877e07_JaffaCakes118

Files

3dfd8c4737f5a372cd16d157bf877e07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8dda79efe0ebcaa6ef92918fd158b362

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathA
CloseHandle
FindFirstFileA
SetFileTime
LockResource
SetFileApisToANSI
VirtualLock
GetShortPathNameA
VirtualAlloc
SetFileShortNameA
VirtualFree
WriteFileGather
CreateFileMappingA
GetCompressedFileSizeA
GetFileInformationByHandle
GetFileAttributesExA
ReadFile
OpenFileMappingA
GetLongPathNameA
MoveFileA
GetFileTime
FreeLibrary
MoveFileExA
SetFileValidData
CreateFileA
FindNextFileA
SetFilePointerEx
MapViewOfFileEx
GetTempFileNameA
FlushFileBuffers
LockFile
GetTempPathA
FlushViewOfFile
UnlockFileEx
ReadFileEx
GetFileSize
PostQueuedCompletionStatus
FindClose
ReadFileScatter
CancelIo
LoadLibraryA
CreateIoCompletionPort
SetEndOfFile
ReplaceFileA
GetFileSizeEx
UnmapViewOfFile
SetFileAttributesA
GetTickCount
GetFileAttributesA
UnlockFile
LoadResource
WriteFileEx
MapViewOfFile
GetFileType
MoveFileWithProgressA
GetBinaryTypeA
GetQueuedCompletionStatus
AreFileApisANSI
CopyFileExA
SizeofResource
SetFilePointer
SetFileApisToOEM
GetProcAddress
CopyFileA
FindResourceA
FindFirstFileExA
LockFileEx
LoadLibraryExW
WinExec
GetModuleFileNameA
GetModuleHandleA
ExitProcess
MoveFileExW
GetCommandLineW
CreateHardLinkA
GetFullPathNameA
WriteFile

user32

MoveWindow
GetDesktopWindow
SetDlgItemTextA
EndDialog
DialogBoxParamA
GetWindowRect

advapi32

SetFileSecurityA

shell32

CommandLineToArgvW

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dda79efe0ebcaa6ef92918fd158b362

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 72KB - Virtual size: 71KB

.rsrc Size: 207KB - Virtual size: 206KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 207KB - Virtual size: 206KB