3ea39f5be46bbdb9b4e210975ebaff87_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ea39f5be46bbdb9b4e210975ebaff87_JaffaCakes118
Size

244KB
MD5

3ea39f5be46bbdb9b4e210975ebaff87
SHA1

5265dc97444728bb99cd57de677bc26c7f737f6f
SHA256

be5e2b2d4f958d5d6f8c2d4a602b1558fb1d05cb86c052ad4ea3df7970e7a4b5
SHA512

9a285ebb505bc2857b4f17ca434e3ac92f3d52814433d9fd27153e8810f6c27841ba62aef8e5106dd80d6ecc49e64356edc59ee95bde2b9712708af230bd306b
SSDEEP

3072:4UEtLmVXmMERbq07mgZtDXK4P5Lil5hfjbcEjgt7/LXRlM5VfE:pEtLMEt9mgZ1K4pizhfju1LRlMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ea39f5be46bbdb9b4e210975ebaff87_JaffaCakes118

Files

3ea39f5be46bbdb9b4e210975ebaff87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8f85013efdc130e45af53e9d410dcef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSCDeinstallProvider
WSCEnumProtocols

setupapi

SetupCloseFileQueue
SetupInitDefaultQueueCallback
SetupOpenFileQueue
SetupDefaultQueueCallbackA
SetupQueueCopyA
SetupCommitFileQueueA

wininet

InternetCrackUrlA

kernel32

GetFileSize
CreateFileA
lstrcatA
GetWindowsDirectoryA
GetShortPathNameA
Sleep
ExpandEnvironmentStringsA
MoveFileExA
DeleteFileA
RemoveDirectoryA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
ReleaseMutex
WaitForSingleObject
CreateMutexA
CreateFileMappingA
GetStringTypeW
GetStringTypeA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSection
ReadFile
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualAlloc
MapViewOfFile
UnmapViewOfFile
CloseHandle
SetFilePointer
SetEndOfFile
GetCurrentProcess
GetVersionExA
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
UnhandledExceptionFilter
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetLastError
GetFileAttributesA
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

GetDlgItem
SendMessageA
IsDlgButtonChecked
GetMessagePos
PostMessageA
EndDialog
SetDlgItemTextA
SetWindowTextA
EnableWindow
wsprintfA
FindWindowA
MessageBoxA
ExitWindowsEx
DialogBoxParamA
FindWindowExA
ScreenToClient

advapi32

RegEnumValueA
RegDeleteKeyA
RegGetKeySecurity
RegSetKeySecurity
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExA

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8f85013efdc130e45af53e9d410dcef

Headers

File Characteristics

Imports

ws2_32

setupapi

wininet

kernel32

user32

advapi32

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 112KB - Virtual size: 108KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 112KB - Virtual size: 108KB