3f6268be87ecdbc4d65dae12185c2b26_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f6268be87ecdbc4d65dae12185c2b26_JaffaCakes118
Size

294KB
MD5

3f6268be87ecdbc4d65dae12185c2b26
SHA1

7d3fbcf0719cd807631e4e239281e57d50470ae1
SHA256

e4b3904100c1b59346f02a7b164641e63e23c47d8f79bb3f94671ccf9bb71e8f
SHA512

5951e649b73906644a1c4b1f49fd13502ba1f4cd1a04bae30055d9cd4f1daac436ad434102005ed31369b72c8893197f77fdb3a72c5b26499066efb9d63bffb8
SSDEEP

6144:Y7RTq2CKlKn57m3Xfddp32SG4YhFyp2KLVLjFlIcf78Ne9GcIzapzJ7:cRTFCoKRmn1dpGSRSFe2KNnIU78sGYpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f6268be87ecdbc4d65dae12185c2b26_JaffaCakes118

Files

3f6268be87ecdbc4d65dae12185c2b26_JaffaCakes118
.exe windows:4 windows x86 arch:x86

227ed50511c55279dbdb8e567b79886f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetErrorMode
FindResourceA
LoadResource
GetModuleFileNameA
TlsGetValue
IsDBCSLeadByte
CreateFileA
CreateMutexW
GetSystemDirectoryW
lstrlenA
GetCPInfo
DeleteFileW
GetStartupInfoA
InterlockedExchange
SetConsoleCP
VirtualProtect
IsValidLocale
LeaveCriticalSection
SetStdHandle
LocalFree
GetCurrentThreadId
RaiseException
GetCommandLineA
LCMapStringA
CloseHandle
GetEnvironmentStrings
GetSystemTimeAsFileTime
FlushFileBuffers
LocalFileTimeToFileTime
HeapFree
WaitForMultipleObjects
Sleep
DisableThreadLibraryCalls
GetVersion
GetFileAttributesW
GetOEMCP
LoadLibraryExW
GetProcessHeap
GetVersionExW
SetLastError
EnterCriticalSection
GetProcAddress
ResetEvent
SetHandleCount
GetStringTypeW
GetLastError
LCMapStringW
SetEvent
CreateMutexA
TerminateProcess
GetTimeZoneInformation
CreateProcessW
GetUserDefaultLCID
FreeEnvironmentStringsA
HeapDestroy
GetModuleHandleA
GetLocaleInfoA
GetVersionExA
InitializeCriticalSection
GetTickCount
GetThreadLocale
MulDiv
OutputDebugStringA
DeleteCriticalSection
FindNextFileA
QueryPerformanceCounter
GetFileType
HeapAlloc
SizeofResource
CreateDirectoryW
VirtualQuery
GlobalUnlock
LoadLibraryA
FindClose
WriteFile
SetUnhandledExceptionFilter
SetFileAttributesA
VirtualAlloc
CreateFileW
GetLocalTime
UnhandledExceptionFilter
GetCurrentProcessId
InterlockedCompareExchange
GetEnvironmentStringsW
WideCharToMultiByte
lstrcmpA
GetFileSize
VirtualFree
GetDiskFreeSpaceA
GetACP
LocalAlloc
ReadFile
ExitProcess
DeviceIoControl
InterlockedIncrement
CreateEventA
GetModuleHandleW
CompareStringW
GetFullPathNameA
WaitForSingleObject
GetCurrentProcess
CreateThread
ReleaseSemaphore
TlsFree
GlobalDeleteAtom

gdi32

SetBrushOrgEx
CreateDIBSection
Rectangle
SaveDC
GetObjectA
BitBlt
GetObjectW
GetTextExtentPoint32W
LineTo
CreateFontIndirectW
SetTextColor
StretchBlt
SetMapMode
SetViewportOrgEx
GetStockObject
GetDeviceCaps
SelectObject
SetROP2

user32

GetDlgItem
SendMessageW
MoveWindow
UnregisterClassA
IsDialogMessageW
EqualRect
CopyRect
SetTimer
MessageBeep
GetFocus
GetIconInfo
DrawTextA
GetWindowLongW
SetWindowTextW
GetWindowTextW
GetMessageA
CharNextW
LoadImageW
CreateWindowExA
CreateWindowExW
GetCursorPos
PostMessageW
IsWindowEnabled
ClientToScreen
SetActiveWindow
SystemParametersInfoA
TranslateMessage
SetCursor
FindWindowW
GetDC
LoadStringW
EnableWindow
EnableMenuItem
SetRectEmpty
GetWindowPlacement
DestroyIcon
SetWindowTextA
SetWindowPos
InvalidateRect
GetWindowLongA
DestroyMenu
UnregisterClassW
GetWindowRect
SetFocus
ReleaseDC
MessageBoxW
GetPropW
ScreenToClient

msvcrt

malloc
iswspace
memcpy
??3@YAXPAX@Z
_onexit
_initterm
__p__commode
_CxxThrowException
_amsg_exit
realloc
__getmainargs
_adjust_fdiv
?what@exception@@UBEPBDXZ
wcschr
??1type_info@@UAE@XZ
??1exception@@UAE@XZ
fflush
_XcptFilter
__set_app_type
_fileno
memset

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemRealloc
CoRegisterPSClsid
StringFromGUID2
CoUninitialize

advapi32

AdjustTokenPrivileges
RegOpenKeyExW
RegEnumKeyExA
QueryServiceStatus
RegQueryValueExW
RegQueryValueExA
SetSecurityDescriptorDacl
RegCloseKey
FreeSid
OpenSCManagerW
InitializeSecurityDescriptor

lz32

LZOpenFileW
LZSeek
LZOpenFileA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 246KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 389B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

227ed50511c55279dbdb8e567b79886f

Headers

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

ole32

advapi32

lz32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 246KB - Virtual size: 249KB

.idata Size: 512B - Virtual size: 389B

.idata Size: - Virtual size: 1KB

.data Size: 512B - Virtual size: 184KB

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 246KB - Virtual size: 249KB

.idata
Size: 512B - Virtual size: 389B

.idata
Size: - Virtual size: 1KB

.data
Size: 512B - Virtual size: 184KB

.rsrc
Size: 1024B - Virtual size: 944B