3f2339a0fcb324d681b99afac838bffb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f2339a0fcb324d681b99afac838bffb_JaffaCakes118
Size

232KB
MD5

3f2339a0fcb324d681b99afac838bffb
SHA1

1b3ef36189d5589a5340f61db10506bb4e0b873a
SHA256

6b7414a41b5aa70e4b9f7d2497d041b7bb127ac828ac010fddf5f253386db5c6
SHA512

e25cea015976c34bd335b055c421cef1af9f11eaf050d567f83169b164cf50ccc87807f6b652b1034c840bbf5a299cb03bc089958243f9bb1e7e92f2f460f176
SSDEEP

1536:+DB+DkDjl8fO1Qkz3TofuJZotC0zD7no4BMYTS4iKEFXvxKqHs0:uB+DkDZs5kTToTtCED7nNB4/XeyP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f2339a0fcb324d681b99afac838bffb_JaffaCakes118

Files

3f2339a0fcb324d681b99afac838bffb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d4c6eca8b3cf18f226522903760f05b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
MapViewOfFile
CreateFileMappingA
CloseHandle
GetFileSize
CreateFileA
SetFileAttributesW
MultiByteToWideChar
lstrlenA
CopyFileA
DeleteFileA
GetFileTime
FindNextFileA
SetFileAttributesA
lstrcpynA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
ReleaseMutex
WaitForSingleObject
lstrcmpiA
CreateDirectoryA
GetCurrentProcess
FormatMessageA
GetLastError
GetTempPathA
Sleep
CreateProcessA
GetSystemDirectoryA
UnmapViewOfFile
SetErrorMode
SetCurrentDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
SetFileTime
SystemTimeToFileTime
lstrcmpA
GetVersion
CreateThread
CreateMutexA
CreateSemaphoreA
VirtualFree
VirtualAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
GetDriveTypeA
GetLogicalDriveStringsA
ReleaseSemaphore
OpenSemaphoreA
GetComputerNameA
GetShortPathNameA
CompareStringW
CompareStringA
GetStringTypeW
SetEnvironmentVariableA
GetStringTypeA
FindFirstFileA
FindClose
GetEnvironmentVariableA
lstrcatA
lstrcpyA
GetSystemTime
ExitProcess
WinExec
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapAlloc
GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
HeapFree
HeapReAlloc
TerminateProcess
WideCharToMultiByte
LCMapStringA
LCMapStringW
UnhandledExceptionFilter

user32

DialogBoxParamA
wsprintfA
ShowWindow
EndDialog
PostQuitMessage

advapi32

RegSetValueExA
RegCloseKey
RegRestoreKeyA
RegOpenKeyExA
RegSaveKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

shlwapi

PathQuoteSpacesA

ws2_32

WSACleanup
inet_addr
gethostbyname
WSAStartup

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d4c6eca8b3cf18f226522903760f05b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

ws2_32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 76KB - Virtual size: 75KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 76KB - Virtual size: 75KB

.text
Size: 100KB - Virtual size: 100KB