3e8405ee3762c8bb204fbbcee85344a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e8405ee3762c8bb204fbbcee85344a8_JaffaCakes118
Size

367KB
MD5

3e8405ee3762c8bb204fbbcee85344a8
SHA1

df3d555de8fa7a328ede4e685d4cc5e7a912d215
SHA256

a9b3c578b9b260d37b85d7636580beefc7c7ebd5aa26dced034288d929e8c3e5
SHA512

5dc99062fcba67a89a72295f27e832edf59527d813119e26d3e9eebb2fcc72f1f35c31c7fcda53a5afbbd34576779c8209b542cc52588e9f523b45bb50278427
SSDEEP

6144:MtuyJlUjrkde+JO5FTpExy9bX/A0XGXIav91R0M7j2JXCOCx0mQ/07GMf5oq3o14:iNl23+eFFjhI0W9v9/PSJDCemd7Vf5oQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e8405ee3762c8bb204fbbcee85344a8_JaffaCakes118

Files

3e8405ee3762c8bb204fbbcee85344a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65f1c7b85b09f7a3c383dc0ccd40f992

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsIconic
GetClipboardData
WindowFromPoint
FindWindowA
EnumThreadWindows
GetDesktopWindow
SetWindowTextA
GetDialogBaseUnits
TileWindows
EndDeferWindowPos
FindWindowExA
GetDlgItemTextA
MoveWindow
DefDlgProcA
SendDlgItemMessageA

gdi32

DeleteDC
Chord
GetBitmapDimensionEx
FloodFill
CopyEnhMetaFileA
ExtEscape
GetBkMode
ExtCreateRegion
EqualRgn
BitBlt
CreateSolidBrush
ExcludeClipRect
AddFontResourceA
GdiComment
CreateFontA

advapi32

RegCreateKeyExA
ReadEventLogW
OpenProcessToken
RegReplaceKeyA
RegOverridePredefKey

kernel32

SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
LeaveCriticalSection
GetCPInfo
GetACP
GetStringTypeA
OpenSemaphoreA
LocalLock
OpenMutexA
VirtualQuery
GetSystemDefaultLangID
CreateSemaphoreA
GlobalLock
VirtualFreeEx
WideCharToMultiByte
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
GetPrivateProfileStringA
GetProcAddress
GetEnvironmentVariableA
VirtualAllocEx
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
TlsAlloc
VirtualAlloc
HeapAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetOEMCP

winspool.drv

EnumPrintProcessorsW
AddPrinterDriverExW
GetPrinterA
AddPrinterDriverA
DeletePrinterDataA
DeletePrinterDriverA
AddPrinterDriverW
EnumPrintProcessorsA

netapi32

NetUnjoinDomain
NetAuditClear
Netbios
NetConfigGetAll
NetAuditWrite
NetGetJoinInformation
NetAuditRead
NetErrorLogRead
NetGroupAdd
NetConfigSet
NetFileClose
NetErrorLogClear
NetConfigGet

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hcg
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65f1c7b85b09f7a3c383dc0ccd40f992

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

winspool.drv

netapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 79KB

.hcg Size: 333KB - Virtual size: 332KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 79KB

.hcg
Size: 333KB - Virtual size: 332KB

.rsrc
Size: 3KB - Virtual size: 3KB