3e714357fce7fa9d3a779e3694eaa9bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e714357fce7fa9d3a779e3694eaa9bc_JaffaCakes118
Size

173KB
MD5

3e714357fce7fa9d3a779e3694eaa9bc
SHA1

1c45b10f5b986371d49fccd24731c76e244b367e
SHA256

69a05329f52d48e94d952aaf050576e00179835b7d7a4f37f2b891550206b339
SHA512

9b648e3d260cd3c5f221a609b5b9f0ff43e6c1a0432d2a18d3dba478b401e3b81cbe300b4577fdb95bd91b2c6fc3c7e255474c5f2f1711bb0ee48aa4555cae50
SSDEEP

3072:OKWWeYlsnHkWXzAxZJpr0vo2stWofq/1/c0GVp:OKWWeYl4XQPprAZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e714357fce7fa9d3a779e3694eaa9bc_JaffaCakes118

Files

3e714357fce7fa9d3a779e3694eaa9bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45f2e0a8b1410e4f55b1c53d17199c64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCommandLineA
GetCPInfo
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
WriteFile
CloseHandle
AllocConsole
GetACP
GetModuleFileNameW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetStringTypeW

user32

CopyAcceleratorTableW
SetMenuItemInfoA
GetMenuItemInfoA
GetMessageTime
SetScrollInfo
ScrollWindow
GetDlgCtrlID
GetSysColor
DrawTextW
CreateWindowExW
LockWindowUpdate
CheckMenuRadioItem
CheckMenuItem
RegisterHotKey
UnregisterHotKey
ExitWindowsEx
RegisterWindowMessageA
SetDlgItemInt
GetDlgItemInt
ShowScrollBar
GetScrollRange
SystemParametersInfoW
GetWindowTextLengthW

advapi32

RegOpenKeyExW
RegQueryValueExW
StartServiceCtrlDispatcherW
RegSetValueExW
RegEnumKeyW
RegisterServiceCtrlHandlerW
RegCloseKey

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45f2e0a8b1410e4f55b1c53d17199c64

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 69KB - Virtual size: 202KB

.xdata Size: 1024B - Virtual size: 624B

.rsrc Size: 1024B - Virtual size: 680B

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 69KB - Virtual size: 202KB

.xdata
Size: 1024B - Virtual size: 624B

.rsrc
Size: 1024B - Virtual size: 680B