Static task: static1
Behavioral task: behavioral1
Sample: 3fd5a29adac1ddaceeef0a8629ad216b_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 3fd5a29adac1ddaceeef0a8629ad216b_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 3fd5a29adac1ddaceeef0a8629ad216b_JaffaCakes118
Size: 254KB
MD5: 3fd5a29adac1ddaceeef0a8629ad216b
SHA1: 66fee3f3046b7f5d9d78d6b0f6d12a2d62d5f157
SHA256: d85454c1c02d29c031f69040f9e9612e41e5e956f14f67f9959e61b82af78e71
SHA512: 171f36f9ed362be9e928619120b0a3b726874c4469c2ee571342fecd10b81dcae8d7771fa478c87b7e80a9ba374dc870c0b33e11b374cd23ca5bb31bfd4236ac
SSDEEP: 6144:08vPzvJxzvOWlTXw0bTkO3gmf4EJxH8ct60B5FpYjSIH:Hn7JxRTXX9VftxH9tNXFpY
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
Resource: 3fd5a29adac1ddaceeef0a8629ad216b_JaffaCakes118
Files
3fd5a29adac1ddaceeef0a8629ad216b_JaffaCakes118.exe windows:4 windows x86 arch:x86
73643c08e5745dc7d527df2c134b1e39
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateEnhMetaFileW
Polyline
GetCharABCWidthsA
ColorMatchToTarget
shell32
DragQueryPoint
DragQueryFile
ExtractAssociatedIconA
ShellExecuteW
FindExecutableA
SHGetPathFromIDList
SHGetDesktopFolder
SHQueryRecycleBinW
SHGetFileInfo
SHGetDataFromIDListW
ExtractIconExA
SHGetFileInfoA
SHGetFileInfoW
SHEmptyRecycleBinA
RealShellExecuteW
ShellHookProc
ShellExecuteEx
SHLoadInProc
InternalExtractIconListA
wininet
SetUrlCacheEntryGroupA
InternetTimeFromSystemTimeW
InternetSetOptionA
InternetGetCertByURLA
InternetDial
FtpCommandW
DeleteUrlCacheContainerW
InternetSetDialStateA
InternetSetOptionExA
CreateUrlCacheEntryW
GetUrlCacheGroupAttributeA
advapi32
RegDeleteValueW
CryptEnumProvidersW
CryptSetProviderA
RegOpenKeyW
AbortSystemShutdownW
RegNotifyChangeKeyValue
RegOpenKeyExA
CryptImportKey
RegEnumKeyExA
CryptGenKey
LookupPrivilegeNameA
CryptGetUserKey
RegEnumValueW
RegReplaceKeyW
GetUserNameW
CryptReleaseContext
RegEnumValueA
RegQueryInfoKeyW
CryptAcquireContextW
LookupAccountNameA
RegLoadKeyA
kernel32
UnhandledExceptionFilter
GetCurrentProcessId
HeapSize
CompareStringA
SetEnvironmentVariableA
QueryPerformanceCounter
GetTimeFormatA
SetHandleCount
FreeEnvironmentStringsW
GetTimeZoneInformation
FreeEnvironmentStringsA
RtlUnwind
GetUserDefaultLCID
GetEnvironmentStrings
WriteProfileStringA
WideCharToMultiByte
GetTickCount
TlsFree
GetStringTypeExA
GetLastError
HeapDestroy
HeapReAlloc
GetCommandLineW
InterlockedExchange
GetDateFormatA
GetModuleHandleA
IsValidCodePage
LCMapStringA
LeaveCriticalSection
GetStartupInfoA
CompareStringW
SetThreadAffinityMask
GetCommandLineA
GetVersionExA
GetStdHandle
InitializeCriticalSection
GetSystemTimeAsFileTime
GetProcAddress
WriteFile
HeapAlloc
TlsAlloc
LCMapStringW
GetModuleFileNameA
SetLastError
GetCurrentThread
GetEnvironmentStringsW
GetModuleFileNameW
HeapFree
GetACP
MultiByteToWideChar
GetLocaleInfoA
GetFileType
VirtualProtect
TerminateProcess
EnumSystemLocalesA
GetCurrentProcess
VirtualQuery
TlsSetValue
DeleteCriticalSection
GetStringTypeA
EnterCriticalSection
GetCPInfo
GetStartupInfoW
LoadLibraryA
GetCurrentThreadId
GetLocaleInfoW
ExitProcess
lstrlen
VirtualAlloc
TlsGetValue
GetSystemInfo
VirtualFree
GetStringTypeW
IsValidLocale
HeapCreate
IsBadWritePtr
GetOEMCP
comdlg32
FindTextA
ReplaceTextA
GetFileTitleW
FindTextW
GetFileTitleA
PrintDlgA
GetSaveFileNameW
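The import table above is the input to an import hash, the digest analysts pivot on to find other builds that link the same functions in the same order. The block below is an added example, not code from the report or the sandbox: it implements the usual imphash recipe (lower-case the DLL, strip a .dll/.ocx/.sys suffix, join "dll.function" entries with commas in import-table order, MD5 the string) over a constructed sample taken from the first two DLLs listed above. The unlabelled hash under the file entry in the report is not asserted to equal this digest, and the sample covers only a slice of the table.

```python
"""Import hash over a PE import table (added example, not part of the report)."""
import hashlib

# Constructed sample: the first entries of the gdi32 and shell32 imports
# listed in the report, in the order shown there. Table order matters.
SAMPLE_IMPORTS = [
    ("gdi32.dll", "CreateEnhMetaFileW"),
    ("gdi32.dll", "Polyline"),
    ("gdi32.dll", "GetCharABCWidthsA"),
    ("gdi32.dll", "ColorMatchToTarget"),
    ("shell32.dll", "DragQueryPoint"),
    ("shell32.dll", "DragQueryFile"),
]


def normalize_dll(name):
    """Lower-case the DLL name and drop a .dll/.ocx/.sys suffix."""
    name = name.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if name.endswith(ext):
            return name[: -len(ext)]
    return name


def import_entry(dll, func):
    """Render one import as 'dll.func'; an ordinal-only import becomes 'ordN'.

    pefile additionally maps ordinals to names for a few well-known DLLs
    (ws2_32, oleaut32); that lookup table is omitted in this example.
    """
    if isinstance(func, int):
        func = f"ord{func}"
    return f"{normalize_dll(dll)}.{func.lower()}"


def imphash(imports):
    """MD5 over the comma-joined, normalised entries in import-table order."""
    joined = ",".join(import_entry(dll, func) for dll, func in imports)
    return hashlib.md5(joined.encode("ascii")).hexdigest()


def sample_imphash():
    """Digest of the constructed sample above."""
    return imphash(SAMPLE_IMPORTS)


if __name__ == "__main__":
    print(sample_imphash())
```

Because the digest is order-sensitive, two binaries that import the same set of functions but were linked differently hash differently, while case changes in DLL or function names do not affect it.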
Sections
.text  Size: 128KB  Virtual size: 127KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.data  Size: 111KB  Virtual size: 110KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc  Size: 14KB  Virtual size: 13KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
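The "Unsigned PE" signature and the section table both come straight out of the PE headers: an Authenticode blob, if present, is pointed to by the SECURITY data directory (index 4, whose "address" field is a file offset rather than an RVA), and each section header carries the characteristics flags shown above. The block below is an added example, not the sandbox's own checker: a minimal PE32/PE32+ header parser plus a builder that constructs an in-memory image mirroring the three sections above (constructed sample data, not bytes from the real file). The builder, the `build_pe32`/`parse_pe` names and the section sizes are assumptions for the example.

```python
"""Minimal PE header parser: signature-directory and section-flag checks.

Added example, not part of the sandbox report. The constructed image only
carries headers; there is no code, data or import table behind them.
"""
import struct

IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_DIRECTORY_ENTRY_SECURITY = 4      # Authenticode certificate table
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}

# Constructed sample mirroring the report's section table:
# (name, virtual size, raw size, characteristics).
SAMPLE_SECTIONS = [
    (".text", 127 * 1024, 128 * 1024, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".data", 110 * 1024, 111 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc", 13 * 1024, 14 * 1024, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
]


def build_pe32(sections, security=(0, 0), file_chars=0x010F):
    """Build a headers-only PE32 image (hypothetical helper for the example)."""
    e_lfanew = 64
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", e_lfanew)   # e_lfanew at 0x3C
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_I386, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)                                        # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0, rsize, 0, 0, 0, 0, 0, chars)
        for name, vsize, rsize, chars in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


def parse_pe(data):
    """Parse the DOS/COFF/optional headers and section table of a PE file."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_off = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff_off)
    opt_off = coff_off + 20
    magic = struct.unpack_from("<H", data, opt_off)[0]
    if magic == 0x10B:
        dir_off = opt_off + 96      # PE32: data directories start at +96
    elif magic == 0x20B:
        dir_off = opt_off + 112     # PE32+: at +112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    n_dirs = struct.unpack_from("<I", data, dir_off - 4)[0]
    security = (0, 0)
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        security = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sec_off = opt_off + opt_size
    sections = []
    for i in range(nsec):
        name, vsize, _va, rsize, *_rest, schars = struct.unpack_from("<8sIIIIIIHHI", data, sec_off + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(errors="replace"),
                         "virtual_size": vsize, "raw_size": rsize, "characteristics": schars})
    return {"machine": machine, "file_characteristics": chars,
            "security_dir": tuple(security), "sections": sections}


def is_signed(pe):
    """The 'Unsigned PE' check: a non-empty SECURITY directory means a
    certificate table is present. It does NOT mean the signature verifies."""
    offset, size = pe["security_dir"]
    return offset != 0 and size != 0


def flag_names(value, table):
    """Expand a characteristics bitmask into the names the report prints."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def writable_and_executable(pe):
    """Sections that are both writable and executable, a common packer tell."""
    return [s["name"] for s in pe["sections"]
            if s["characteristics"] & IMAGE_SCN_MEM_EXECUTE and s["characteristics"] & IMAGE_SCN_MEM_WRITE]


if __name__ == "__main__":
    pe = parse_pe(build_pe32(SAMPLE_SECTIONS))
    print("signed:", is_signed(pe), "| W+X:", writable_and_executable(pe))
```

Presence of the certificate table is only the first gate: a real verdict needs the Authenticode hash recomputed over the file with the checksum and the certificate table excluded, and the chain validated (WinVerifyTrust on Windows, or osslsigncode elsewhere). On this sample the directory is empty, which is exactly what the "Unsigned PE" signature reports, and no section is both writable and executable, consistent with the flags listed above.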