3e345d734673836a9f678562a0126a35_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e345d734673836a9f678562a0126a35_JaffaCakes118
Size

159KB
MD5

3e345d734673836a9f678562a0126a35
SHA1

d7eb091bb40464c00b704de7a0ec07b3191342d9
SHA256

6a50e5feea8b4f433f435f4f5195120e48d6259032fb4a8bb0a585ab588cc820
SHA512

63b697d3dea9366c5934d8f15dc8bdb6f8a1c1e970872eb53f8459e93975e38a0ad1f04f1ac7e7a7ba773eccea1564d8f2c7a124dc16ff3a15229fd171f34cd2
SSDEEP

3072:wEkTcvZMuIQBtzL0KpDdRJwsY1Um43QliOgBmIE6zL6DDM92X:w8yuIQt/Rw1NSQlxQmIvLaDf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e345d734673836a9f678562a0126a35_JaffaCakes118

Files

3e345d734673836a9f678562a0126a35_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c186c99b904807cdbcd3e7499926ba44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
EqualSid
GetTokenInformation
AdjustTokenPrivileges
FreeSid
RegQueryInfoKeyA
OpenProcessToken
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

gdi32

GetDeviceCaps

kernel32

LoadResource
DeleteFileA
LocalFree
lstrcmpiA
lstrlenA
GetDriveTypeA
GetCommandLineA
GetThreadContext
FindClose
GetStartupInfoA
MulDiv
CreateFileA
GetTempFileNameA
VirtualQuery
IsDBCSLeadByte
GetSystemInfo
FindResourceA
GetWindowsDirectoryA
_llseek
FreeLibrary
FindNextFileA
GetModuleHandleA
SetFileAttributesA
SetFileTime
lstrcatA
_lopen
CreateProcessA
GlobalLock
FormatMessageA
ExitProcess
CreateThread
RemoveDirectoryA
lstrcpyA
WriteFile
CloseHandle
LocalAlloc
SetVolumeLabelA
CreateDirectoryA
LockResource
UnhandledExceptionFilter
GetShortPathNameA
lstrcmpA
SizeofResource
GetDiskFreeSpaceA
GetModuleFileNameA
ResetEvent
SetFilePointer
GlobalAlloc
SetUnhandledExceptionFilter
GetLastError
GetTempPathA
FreeResource
_lclose
SetEvent
CreateEventA
GlobalFree
GetExitCodeProcess
TerminateThread
GetVolumeInformationA
GetCurrentProcess
FindFirstFileA
GetCurrentThreadId
GetTickCount
GetCurrentDirectoryA
lstrcpynA
CreateMutexA
SetCurrentDirectoryA
ReadFile
GetCurrentProcessId
GetVersionExA
GetProcAddress
GetSystemDirectoryA
GlobalUnlock
GetFileAttributesA
LoadLibraryExA

user32

PeekMessageA
GetDlgItemTextA
CharUpperA
LoadStringA
CharPrevA
GetWindowLongA
GetDesktopWindow
MessageBoxA
DispatchMessageA
GetWindowRect
ExitWindowsEx
EndDialog
SetWindowTextA
CharNextA
SetWindowLongA
CallWindowProcA
GetDlgItem
EnableWindow
GetSystemMetrics
wsprintfA
SendMessageA
SetWindowPos
SetDlgItemTextA
ShowWindow
MessageBeep

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bzzx
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c186c99b904807cdbcd3e7499926ba44

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

version

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 10KB

.bzzx Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 147KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 10KB

.bzzx
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 147KB