f3e52cb2157aa408bff78bc16dd6f9fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3e52cb2157aa408bff78bc16dd6f9fc_JaffaCakes118
Size

100KB
MD5

f3e52cb2157aa408bff78bc16dd6f9fc
SHA1

d55a07c69b6d222871cc769cddb832480767ba93
SHA256

bd265f4de5a99b55552066a300fa16c3bbfa1adabbcd3337a9acff3b44983ab7
SHA512

11deda3caf06a022d78475b91d1221a05d56310f3854e1b339143e0101c0dc894441359530222e70e5d5b51ed646dbeee35f81e4eecd6344afe689a979ecd7cf
SSDEEP

3072:l1E7d4V74+LHEbb8urJoSacG5EGAFyKvtotM:fid4V7bwUECS85gtuK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3e52cb2157aa408bff78bc16dd6f9fc_JaffaCakes118

Files

f3e52cb2157aa408bff78bc16dd6f9fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7b0b65a84d9ca60ba8eece34a843114

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW

advapi32

RegCreateKeyExW
RegEnumValueW
RegQueryValueExA
EqualSid
RegCreateKeyW
InitializeAcl

kernel32

ProcessIdToSessionId
GetShortPathNameW
GetConsoleMode
RtlUnwind
GetCurrentDirectoryW
HeapSize
GetTimeFormatA
GetCurrentProcessId
GetCPInfo
ReadFile
GetStartupInfoW
HeapDestroy
GetProcessHeap
GetTempFileNameA
GetModuleFileNameA
HeapCreate
VirtualAlloc
IsBadReadPtr
lstrcpynW
GlobalAlloc
CompareStringW
GetFileTime
HeapFree
ExitProcess
LoadResource
lstrlenA
CreateMutexW
SearchPathW
CopyFileA
GetLastError

comctl32

ImageList_Draw

gdi32

GetViewportOrgEx
PolylineTo
CreateDIBSection
CreateFontIndirectW
GetEnhMetaFileBits
Pie
CopyMetaFileW
SelectClipRgn
ExtTextOutA
CreatePen
PtVisible
GetObjectW
Arc
GetCurrentObject
GetBkMode
SetStretchBltMode
CloseMetaFile
GetPaletteEntries
Polyline
OffsetViewportOrgEx
GetTextColor
ExtFloodFill
GetEnhMetaFileHeader
SetPixelV
SetMapMode
ExcludeClipRect
TextOutA
Escape
DeleteMetaFile
CreateBrushIndirect
StretchDIBits
ScaleWindowExtEx
GetRgnBox
CreatePalette
GetTextExtentPoint32W
GetWinMetaFileBits
LineTo
GetTextCharsetInfo
SetPixel
SetWindowOrgEx
SelectPalette

msvcrt

strncat
fputs
fflush
wcscat
_itow
_ltow
strerror
_unlock
fwrite
_lock
__setusermatherr
_wfsopen
_close
strcmp
iswctype

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7b0b65a84d9ca60ba8eece34a843114

Headers

File Characteristics

Imports

version

advapi32

kernel32

comctl32

gdi32

msvcrt

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 35KB - Virtual size: 80KB

.idata Size: 10KB - Virtual size: 29KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 35KB - Virtual size: 80KB

.idata
Size: 10KB - Virtual size: 29KB

.rsrc
Size: 20KB - Virtual size: 19KB