3e221e175eae34e2eb54790b9213e83f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3e221e175eae34e2eb54790b9213e83f_JaffaCakes118
Size

59KB
MD5

3e221e175eae34e2eb54790b9213e83f
SHA1

755f7339a6e2ca8a74a11552e268e0c35e3eeab9
SHA256

aa55ad9bb80ffb0cd5c66cc709a338a45bfa676d20bc1ffdf17ffcd7443d9cb4
SHA512

d1468f24579784a02e425d03457297fd2ca151820b272d836dd783cee41044694ab23652fa3a994d1c6f71fd74f06aa39de105e619835a1ab3978f3c9934ba82
SSDEEP

1536:Mdtvg/wb7Ei7vxxess97/y7rLw5SAO+r2/N6Nmk+:MddSw3ESvb8DyrGdu/Rk+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e221e175eae34e2eb54790b9213e83f_JaffaCakes118

Files

3e221e175eae34e2eb54790b9213e83f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb259adf8dff969699956f4b75535916

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTokenInformation
InitializeSecurityDescriptor
LockServiceDatabase
QueryServiceStatus
RegCloseKey
StartServiceCtrlDispatcherA

kernel32

CloseHandle
CompareStringA
CopyFileA
CreateEventA
CreateThread
DeleteAtom
DeleteCriticalSection
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
FindResourceA
FlushFileBuffers
FreeLibrary
GetACP
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetEnvironmentStringsA
GetEnvironmentVariableA
GetExitCodeProcess
GetFileTime
GetLastError
GetModuleHandleA
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemTime
GetTempFileNameA
GetTickCount
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapCreate
HeapDestroy
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LoadLibraryA
LoadResource
LocalAlloc
MapViewOfFile
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReadFile
ReleaseMutex
RemoveDirectoryA
SetCurrentDirectoryA
SetEndOfFile
SetLastError
SetStdHandle
SizeofResource
SuspendThread
TerminateProcess
TlsAlloc
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

user32

BeginPaint
CharUpperA
CheckMenuItem
ClientToScreen
CreateDialogParamA
DefWindowProcA
DispatchMessageA
DrawTextA
GetClassNameA
GetMenuItemCount
GetParent
GetSystemMenu
GetWindowPlacement
IsIconic
KillTimer
LoadCursorA
LoadIconA
MessageBoxA
MsgWaitForMultipleObjects
OffsetRect
PeekMessageA
PostQuitMessage
RegisterWindowMessageA
SendDlgItemMessageA
SetDlgItemTextA
SetFocus
SetTimer
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb259adf8dff969699956f4b75535916

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.DATA Size: 13KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.DATA
Size: 13KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB