3be3e6a427ca33cc11431c4103797381_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3be3e6a427ca33cc11431c4103797381_JaffaCakes118
Size

58KB
MD5

3be3e6a427ca33cc11431c4103797381
SHA1

525b8c689e3179c21d5743aa7e4c37aac396ab81
SHA256

d3748d396a147952ce7ad1cc720ba19223c797043b6ecfbf52088cc8201a6ee6
SHA512

3178a2421fbbc0d0538ad9599e9cf9dd8e819be15c521b64b3cd50fd8e7c2e4e79f7c26c4a22dfbb8257b8fe439ab263ad3fda96203f71e293c163c5dd363e6c
SSDEEP

1536:0ODiR7F8GfU9MxdBBDuAkBqXFlmcjEHL9JXSMdoISW1B:0MiR7F1f1xdBBDuAkBqXFl2xJCMdoIS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be3e6a427ca33cc11431c4103797381_JaffaCakes118

Files

3be3e6a427ca33cc11431c4103797381_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d52da10a611db23992279fba89f9f482

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetTickCount
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
FormatMessageW
GetLastError
CreateEventW
WaitForSingleObject
GetFileAttributesExW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SetLastError
ExitProcess
GetModuleHandleW
GetFileSizeEx
SetFilePointer
WriteFile
ReadFile
CloseHandle
CreateFileW
lstrcatW
lstrcpyW
lstrlenW
lstrlenA
SetEvent
MultiByteToWideChar

user32

RegisterClassExW
LoadCursorW
DefWindowProcW
LoadIconW
PostQuitMessage
GetMessageW
GetDC
GetWindowTextW
GetSystemMetrics
ShowWindow
MessageBoxW
wsprintfW
EnableWindow
CreateWindowExW
SendMessageW
CharUpperW
CharLowerW
SetWindowTextW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSystemMenu
EnableMenuItem
PeekMessageW
TranslateMessage
GetClientRect
SetWindowPos
GetWindowLongW
SetWindowLongW
GetWindowTextLengthW
CallWindowProcW
DrawTextW
LoadStringW
DispatchMessageW

gdi32

SetTextColor
GetDeviceCaps
GetStockObject
CreateSolidBrush
SetBkMode
SelectObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

DragFinish
DragAcceptFiles
DragQueryFileW

shlwapi

StrChrW
SHSetValueW
SHGetValueW
StrRChrW
StrToIntExW
StrCmpIW

msvcrt

_onexit
??1type_info@@UAE@XZ
_gcvt
??3@YAXPAX@Z
memcpy
memset
free
malloc
__dllonexit

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d52da10a611db23992279fba89f9f482

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

shlwapi

msvcrt

version

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.data Size: 512B - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 47KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 8KB - Virtual size: 8KB