3fb6c8307c9945297c64da5357ececf9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fb6c8307c9945297c64da5357ececf9_JaffaCakes118
Size

174KB
MD5

3fb6c8307c9945297c64da5357ececf9
SHA1

46f35138904352c154e299018a3a51c5b2c1cd66
SHA256

0e25c8f17bdbc3623c4fd5f032876c275294f14a35901ebd6e07eacaa28aab71
SHA512

f650a78c64d799ee712fa44bb1d4b7c26f0e3c3a6354201f9cdcfae804b6e0d1c172b512929425e64fd36dc3537253e4cd7cbd2f9414b910e78ff83ecdfd9c35
SSDEEP

3072:za7q2oXuYLBrCik7f7AAdUW1tePoAIcZwz/S1I7b:u+PpBGLzAAdUW1t9cC/SI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb6c8307c9945297c64da5357ececf9_JaffaCakes118

Files

3fb6c8307c9945297c64da5357ececf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b2446f825563fae1ef8fdb6856f46de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CloseHandle
SetEvent
GetCPInfo
ResetEvent
DeleteFileA
GetDateFormatA
GetACP
GetCurrentProcessId
Sleep
ExitProcess
lstrlenA
GetProcessHeap
SetHandleCount
EnterCriticalSection
GetVersionExA
SetFilePointer
GetUserDefaultLCID
lstrcmpA
lstrcmpiA
SetThreadLocale
ReadFile
lstrcatA
GlobalFindAtomA
GetLastError
LoadLibraryExA
MulDiv
MoveFileExA
GetFileSize
VirtualAlloc
GetCurrentThread
WideCharToMultiByte
FormatMessageA
GetLocalTime
InitializeCriticalSection
GetCommandLineA
FreeLibrary
GetModuleHandleA
HeapFree
WriteFile
LocalFree
EnumCalendarInfoA
FreeResource
GetStringTypeA
GetOEMCP
GlobalAlloc
GetFileAttributesA
GlobalAddAtomA
VirtualFree
GetStartupInfoA
LockResource
GetLocaleInfoA
FindResourceA
VirtualQuery
CompareStringA
GetDiskFreeSpaceA
HeapDestroy
GetFullPathNameA
GetEnvironmentStrings
SetErrorMode
GetCurrentThreadId
FindClose
lstrcpyA
MoveFileA
GetModuleFileNameA
CreateEventA
GetVersion
GetSystemDefaultLangID

user32

GetMenuStringA
GetSubMenu
GetClipboardData
GetParent
SystemParametersInfoA
DrawMenuBar
ShowWindow
DrawTextA
GetScrollPos
ShowScrollBar
DefWindowProcA
GetKeyState
GetIconInfo
DrawIconEx
GetClassInfoA
GetLastActivePopup
GetSysColor
GetWindowTextA
EnumThreadWindows
SetCursor
GetScrollRange
EnumWindows
DefMDIChildProcA
EnableScrollBar
IsMenu
GetMenuItemInfoA
MessageBoxA
CheckMenuItem
BeginDeferWindowPos
GetCursorPos
IsDialogMessageA
DefFrameProcA
CharToOemA
BeginPaint
FillRect
CallNextHookEx
CreatePopupMenu
GetMenuItemID
GetDC
DrawEdge
EnableWindow
GetFocus
FindWindowA
GetDesktopWindow
DispatchMessageA
SetWindowLongA
ClientToScreen
GetMenuItemCount
GetMessagePos
EndPaint
GetActiveWindow
EnableMenuItem
DispatchMessageW
DrawIcon
CreateMenu
GetClientRect
GetClassLongA
GetDCEx
GetMenuState
GetMenu
IsWindowEnabled

msvcrt

memmove
malloc
log10
wcsncmp

advapi32

RegCreateKeyA
RegQueryInfoKeyA
RegEnumValueA

Sections

CODE
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 4KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6b2446f825563fae1ef8fdb6856f46de

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

CODE Size: 165KB - Virtual size: 164KB

.init Size: 4KB - Virtual size: 3KB

.bss Size: 4KB - Virtual size: 115KB

BSS Size: 512B - Virtual size: 434B

CODE
Size: 165KB - Virtual size: 164KB

.init
Size: 4KB - Virtual size: 3KB

.bss
Size: 4KB - Virtual size: 115KB

BSS
Size: 512B - Virtual size: 434B