f3fbaf0dc074837ef741745c209fd9aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3fbaf0dc074837ef741745c209fd9aa_JaffaCakes118
Size

136KB
MD5

f3fbaf0dc074837ef741745c209fd9aa
SHA1

2f7366659c114b6f93446c0cc1dddd23f02b6eea
SHA256

4036198052aa6a3a624761d05dc5816994ae853d9c11a4715e443065e6f4bc81
SHA512

e32ee264a3360812caec070513ed109fca63353862de576138a9d8fd5e191ba2440d8d6e01ed07ff2cdb35b03afcc3dccf08efe58d621c1374ad12488cd55f61
SSDEEP

3072:XSWeYjukp329fzavCT+PSYbAFXz/G1s5xj:X3eYqo3YzUBbgK1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3fbaf0dc074837ef741745c209fd9aa_JaffaCakes118

Files

f3fbaf0dc074837ef741745c209fd9aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e62246613f6acde77961639fcb535962

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MapWindowPoints
LoadStringW
ValidateRect
LoadStringA
SetScrollInfo
FrameRect
GetKeyState
ScrollDC
UnregisterClassA
SystemParametersInfoA
RedrawWindow
DestroyCaret
DefWindowProcW
CloseClipboard
SetRectEmpty
SendDlgItemMessageA
IsIconic
GetUpdateRect
DrawFrameControl
BeginPaint
DispatchMessageW
DrawEdge
CallWindowProcW
GetWindowTextW
ReleaseDC
InflateRect
DrawTextA
GetKeyNameTextW
GetCursorPos
DestroyIcon
UnhookWindowsHookEx
GetWindowLongW
CopyImage
SetMenuItemInfoW
DrawTextW
LoadCursorA

gdi32

CreateFontIndirectA
StartPage
GetDIBits
GetPixel
GetTextColor
SetEnhMetaFileBits
TextOutA
GetEnhMetaFileDescriptionA
SetTextCharacterExtra
CreatePatternBrush
CreatePen
SetWindowOrgEx
DeleteEnhMetaFile
GetDeviceCaps
Ellipse
Pie
Polyline
SetROP2
CreateSolidBrush

hticlmrt

_LSnan
_FDnorm
_Hugeval
_LPoly
_Nan
_Dtest
_LDscale
_Eps
_FSnan
_LDtest

advapi32

RegCreateKeyExA
SetSecurityDescriptorDacl

kernel32

GetFileType
WaitForMultipleObjects
HeapFree
FindNextFileA
GetProcAddress
CreateFileMappingA
ExitProcess
LoadLibraryW
lstrlenW
GlobalMemoryStatus
GlobalAlloc
FileTimeToSystemTime
SetEvent
QueryPerformanceFrequency
GetDateFormatA
CreateThread
RemoveDirectoryA
TerminateProcess
CreateProcessA
GetWindowsDirectoryA
GetFullPathNameA
SetThreadPriority
MapViewOfFileEx
OutputDebugStringA
CreateMutexA
UnmapViewOfFile
GetStartupInfoA
MapViewOfFile
GetProfileStringA
IsValidLocale
CloseHandle
GetModuleHandleA
VirtualQueryEx

ole32

DoDragDrop
OleSetClipboard
StringFromGUID2
OleSetMenuDescriptor
CoGetClassObject
OleInitialize

comdlg32

GetOpenFileNameA

comctl32

ImageList_Write
ImageList_GetDragImage
ImageList_Destroy
ImageList_BeginDrag
ImageList_GetImageCount
ImageList_DragMove
ImageList_Remove

oleaut32

SetErrorInfo
SafeArrayGetUBound
VariantCopyInd
SysAllocStringByteLen

winmm

timeGetTime
PlaySoundA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA
SHGetMalloc

urlmon

CoInternetCreateZoneManager

wininet

InternetGetLastResponseInfoA
HttpSendRequestA

Sections

.text
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e62246613f6acde77961639fcb535962

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

hticlmrt

advapi32

kernel32

ole32

comdlg32

comctl32

oleaut32

winmm

shell32

urlmon

wininet

Sections

.text Size: 112KB - Virtual size: 116KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 116KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB