3c441e441e1d83dd6101e5205e0483d4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c441e441e1d83dd6101e5205e0483d4_JaffaCakes118
Size

726KB
MD5

3c441e441e1d83dd6101e5205e0483d4
SHA1

2c6a3d867729faa3f1f8b73610c8a1d260de15f1
SHA256

0202b682b63e9f7605eb67b4f469af95c1b7aeaf0e2f3d8199de50c499772376
SHA512

82f10d635c1960e68d5619c67fba35b0f9f881e6385e6af4303b59860d76db4f0978edcb6742ef53c2eca58e7e18ab31560409454fa07870e5642143129f5fc3
SSDEEP

12288:vJg2ZWy6CwFkLEgbJ3FKWn60Rc+vbij+RByrnz+IYVspgoiErxX:vByR4EgbJ3FQ0OGTIrNgoisX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c441e441e1d83dd6101e5205e0483d4_JaffaCakes118

Files

3c441e441e1d83dd6101e5205e0483d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

028865a3809892ee4d61cb6a2b931ddd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathStripPathW
PathAddExtensionW
PathRemoveExtensionW
PathAppendW
PathMatchSpecW

kernel32

GetProcAddress
GetCurrentProcess
GetCurrentProcessId
ReleaseMutex
Sleep
GetVersionExW
LocalFree
FormatMessageW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetACP
LockResource
LoadResource
LoadLibraryA
SizeofResource
FindResourceW
SetLastError
GetCommandLineW
GetTempPathW
GetFileInformationByHandle
FileTimeToLocalFileTime
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
IsValidCodePage
GetCommandLineA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
ExitThread
GetSystemTimeAsFileTime
ReadFile
FileTimeToSystemTime
lstrcmpiW
WaitForSingleObject
ResetEvent
GetLongPathNameW
CreateEventW
lstrcpyW
CloseHandle
VirtualAlloc

dbghelp

ImageNtHeader

user32

GetSubMenu
GetMenuItemID
ModifyMenuW
IsIconic
IsZoomed
DestroyAcceleratorTable
TranslateAcceleratorW
GetMenuStringW
DrawMenuBar
GetMenuItemCount
DeleteMenu
SetForegroundWindow
CheckMenuRadioItem
MonitorFromWindow
GetMonitorInfoW
RealChildWindowFromPoint
SetMenu
IsDialogMessageW
LoadMenuW
GetClassNameW
IsCharAlphaNumericW
IsCharLowerW
GetClassNameA
CreateAcceleratorTableW
FindWindowW
ReleaseCapture
CreateDialogIndirectParamW
SystemParametersInfoW
TrackMouseEvent
GetCapture
DragDetect
SetRectEmpty
AppendMenuW
RegisterWindowMessageW
ShowCursor
CreateCursor
DestroyCursor
ScrollWindow
SetPropW
GetPropW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgCtrlID
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetParent
GetCursorPos
SetWindowTextW
RedrawWindow
EnableMenuItem
CheckMenuItem
GetMenuState
EmptyClipboard
SetClipboardData
GetDlgItemTextW
IsWindow
GetDlgItemInt
FrameRect
FillRect
DrawFocusRect
RemoveMenu
SetWindowLongW
InflateRect
GetSysColor
ClientToScreen
SetWindowPos
CallWindowProcW
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetClipboardData
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
OpenClipboard
LoadCursorW
GetParent
GetWindowLongW
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
SetCursor
MessageBeep
ShowScrollBar
BeginPaint
ReleaseDC
GetDC
DrawTextExW
DrawTextW
GetMenu
GetSystemMetrics
ToAscii
GetKeyboardState
GetFocus
SetWindowPlacement
GetWindowPlacement
DestroyWindow
DestroyIcon
LoadIconW
GetDesktopWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
PostMessageW
DrawFrameControl
DrawEdge
LoadBitmapW
ScreenToClient
MessageBoxW
GetWindowRect
GetClientRect
InvalidateRect
UpdateWindow
CreatePopupMenu
IsWindowVisible
ShowWindow
UnregisterClassW
wsprintfW
SetFocus
MoveWindow
DrawIconEx
LoadImageW
EnableWindow
GetKeyState
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
PtInRect
WindowFromPoint
LockWindowUpdate
GetDCEx
mouse_event
SetDlgItemInt
GetSysColorBrush
MapWindowPoints
AdjustWindowRectEx
EndDialog
DialogBoxIndirectParamW

Sections

.text
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

028865a3809892ee4d61cb6a2b931ddd

Headers

File Characteristics

Imports

shlwapi

kernel32

dbghelp

user32

Sections

.text Size: 676KB - Virtual size: 675KB

.data Size: 8KB - Virtual size: 8KB

.rdata Size: 13KB - Virtual size: 13KB

.idata Size: 5KB - Virtual size: 5KB

.CRT Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 44B

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 676KB - Virtual size: 675KB

.data
Size: 8KB - Virtual size: 8KB

.rdata
Size: 13KB - Virtual size: 13KB

.idata
Size: 5KB - Virtual size: 5KB

.CRT
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 44B

.rsrc
Size: 17KB - Virtual size: 16KB