f3e1b9b60ad4226faa80252a7f86794f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f3e1b9b60ad4226faa80252a7f86794f_JaffaCakes118
Size

188KB
MD5

f3e1b9b60ad4226faa80252a7f86794f
SHA1

f8a02cf8804bf98ef2d5c0c75e426770a7f5422a
SHA256

b5fc97475f3332d7ea370998eb9ec98e00e99ba8d33c697e80c117eb26eb5f43
SHA512

540f765e4c38f56a6cfa274e7165ecc9e59fd043a870711bbba7131bf4461b6a96b2bbe09d4f7fcb561fbc8e3d2093f120357b7cb9067489d6d993c08d194f59
SSDEEP

3072:Vhjf8BYJw9ZB8nSZgkZ6kZc9aMHK/cGC5A7D1zRtVoKiG62LGDMv:jf1w6nSZgkFkGbf1lzbLW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3e1b9b60ad4226faa80252a7f86794f_JaffaCakes118

Files

f3e1b9b60ad4226faa80252a7f86794f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22374bf829a51b7649c78ba4b0ab63f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegOpenKeyExA
RegEnumKeyExA

kernel32

GetTapeParameters
IsBadReadPtr
InterlockedDecrement
GetProcAddress
WaitForMultipleObjects
CreateSemaphoreA
LeaveCriticalSection
CreateThread
CloseHandle
GetCurrentProcessId
HeapFree
ReleaseSemaphore
ClearCommError
ResetEvent
ReleaseMutex
EnterCriticalSection
LoadLibraryW
WideCharToMultiByte
GetACP
GlobalAlloc
GetCurrentThread
MultiByteToWideChar
CreateFileW
CreateMutexA
SetThreadPriority
ResumeThread
FreeLibrary
lstrlenA
EnumResourceNamesA
QueryPerformanceCounter
CreateEventA
SetEvent
LocalFree
GetVersionExA
IsBadWritePtr
FindResourceA
GetSystemTimeAsFileTime
GetSystemInfo
GetCurrentThreadId
LoadLibraryA
GetLastError
GetProcessHeap
InitializeCriticalSection
FatalExit
VirtualAlloc
GetModuleFileNameW
VirtualFree
GetModuleFileNameA
GetTickCount
LockResource
TerminateThread
LoadResource
GetExitCodeThread
DisableThreadLibraryCalls
GetThreadPriority
GetSystemTime
DeleteCriticalSection
Sleep
InterlockedIncrement
WaitForSingleObject
ExitProcess

user32

GetQueueStatus
CreateWindowExA
MsgWaitForMultipleObjects
LoadStringA
wsprintfA
GetMessageA
CopyRect
PostThreadMessageA
MonitorFromWindow
PeekMessageA
DispatchMessageA
wvsprintfA
RegisterWindowMessageA
RegisterClassA
DestroyWindow

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoInitializeEx
CoTaskMemFree
CreateItemMoniker
CreateStreamOnHGlobal
StringFromCLSID
CoCreateInstance
CoRevokeClassObject
CoUninitialize
CLSIDFromString
StringFromGUID2
GetRunningObjectTable
CoFreeUnusedLibraries
CoRegisterClassObject
CoTaskMemAlloc

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22374bf829a51b7649c78ba4b0ab63f7

Headers

File Characteristics

Imports

advapi32

kernel32

user32

shell32

ole32

winmm

oleacc

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 60KB - Virtual size: 59KB

.lib Size: 512B - Virtual size: 120KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 60KB - Virtual size: 59KB

.lib
Size: 512B - Virtual size: 120KB