3fb1c87a9965e0e693b7960103aa457f_JaffaCakes118

General

Target

3fb1c87a9965e0e693b7960103aa457f_JaffaCakes118
Size

144KB
MD5

3fb1c87a9965e0e693b7960103aa457f
SHA1

bf09d12c019b5424d5275101526a146dac6239ef
SHA256

e93f3aba7e4f8299fbc1dbb3e65a1a33fc5545744794c82c63d81f9df6e7d544
SHA512

efe3a552ea4136f5e58f78fa7be2ba30894b757a7a4330d507dc32e3979902d35a058ba25fbba4200aff891d5692c764599b6aa67aa338d78c1fd0b184ff70e2
SSDEEP

3072:m/mD8e7t/JBkUgJTh6bEQ0TTcaWsrPct8SIw9BSRHpED5Y:AmD8q/zkzV6bE9TTcILct8S9SQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb1c87a9965e0e693b7960103aa457f_JaffaCakes118

Files

3fb1c87a9965e0e693b7960103aa457f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

407b634e2951866a94de1196d3522608

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FindFirstFileA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCurrentProcessId
GetDriveTypeA
GetExitCodeProcess
GetLastError
GetModuleHandleA
GetPrivateProfileSectionA
GetProcAddress
GetStringTypeA
GetSystemInfo
GetTempPathA
GetThreadTimes
GetTimeZoneInformation
GetWindowsDirectoryA
GlobalAlloc
GlobalHandle
GlobalUnlock
HeapAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
IsValidLocale
LeaveCriticalSection
LoadResource
LocalAlloc
LockResource
MapViewOfFile
Module32Next
MoveFileA
MultiByteToWideChar
QueryPerformanceCounter
SetErrorMode
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TlsFree
VirtualFree
WaitForSingleObject
WriteConsoleA
WritePrivateProfileStringA
lstrcpynA

user32

CharNextA
EnableMenuItem
GetDlgItemTextA
IntersectRect
MapWindowPoints
ReleaseDC
SetForegroundWindow

advapi32

ChangeServiceConfigA
EqualSid
FreeSid
GetSecurityDescriptorControl
RegCloseKey
RegCreateKeyExA
StartServiceCtrlDispatcherA
UnlockServiceDatabase

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 38KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

407b634e2951866a94de1196d3522608

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 93KB - Virtual size: 92KB

.DATA Size: 38KB - Virtual size: 165KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 93KB - Virtual size: 92KB

.DATA
Size: 38KB - Virtual size: 165KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB