3d2e58d5e3d5f4c87eddf9063bba8847_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3d2e58d5e3d5f4c87eddf9063bba8847_JaffaCakes118
Size

115KB
MD5

3d2e58d5e3d5f4c87eddf9063bba8847
SHA1

a3dee08a41314eb7545fb9d7f65f8a048d90f229
SHA256

a27ec606125f8c982c0e88897964db49a32505130610cd7256873de908479a56
SHA512

b9d75f22aee98a0026c792c448bb3b25b00bd614d37fc3d22beda64cf437d5b2918548f67fe950a2ff9d95b45ddc040e883f39ccde47dc98ab38a9252383ef8b
SSDEEP

3072:y2kI/7aW9CjSMGScR7YgA+pq9Ep4OvzycbVJ0MTbQ+P:yHI/2W9CFGdRZjq9EiOvzfZKMTPP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d2e58d5e3d5f4c87eddf9063bba8847_JaffaCakes118

Files

3d2e58d5e3d5f4c87eddf9063bba8847_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c6f43b39ba4ecf6f55745341e82f2e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefMDIChildProcW
OpenIcon
DlgDirSelectComboBoxExA
OpenDesktopA
SetCaretBlinkTime
GetSystemMetrics
GetDCEx

shell32

ord179

shlwapi

SHSkipJunction
PathIsNetworkPathW
PathMakePrettyA
PathBuildRootA

advapi32

CryptSetProviderExA
GetCurrentHwProfileA
AddAuditAccessAce
LookupAccountNameW

kernel32

FreeLibrary
InterlockedExchange
GetLastError
LocalFree
LocalAlloc
ReadFile
VirtualQuery
GetModuleHandleA
RegisterWaitForSingleObjectEx
SetLocalTime
FatalExit
GetCPInfoExW
GetOverlappedResult
lstrcpynA
LocalSize
BackupRead
VirtualFree
GetTimeZoneInformation
SetConsoleWindowInfo
FillConsoleOutputCharacterA
GetProcessHeaps
RaiseException
GetBinaryTypeA
GetProcessWorkingSetSize
CreateFileA
GetFileSize
CloseHandle
CreateFileMappingA
MapViewOfFile
GetCommandLineA
GetModuleFileNameA
UnmapViewOfFile
LoadLibraryA
GetProcAddress
lstrcmpA
ExitThread

clusapi

ClusterRegQueryInfoKey

gdi32

GetPixel
SetMapMode
SetMetaFileBitsEx
SetLayout
ColorCorrectPalette
CreateEnhMetaFileA
CreateBrushIndirect

msvcrt

memset
mbstowcs
memcpy
abort

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata1
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata0
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

QMst6
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

+7jQTy
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sh7
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Suj
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

60y6
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c6f43b39ba4ecf6f55745341e82f2e7

Headers

File Characteristics

Imports

user32

shell32

shlwapi

advapi32

kernel32

clusapi

gdi32

msvcrt

Sections

.text Size: 13KB - Virtual size: 13KB

.idata1 Size: 512B - Virtual size: 392B

.idata0 Size: 1024B - Virtual size: 668B

QMst6 Size: 8KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

+7jQTy Size: 5KB - Virtual size: 4KB

sh7 Size: 23KB - Virtual size: 23KB

Suj Size: 46KB - Virtual size: 46KB

60y6 Size: 8KB - Virtual size: 7KB

.text
Size: 13KB - Virtual size: 13KB

.idata1
Size: 512B - Virtual size: 392B

.idata0
Size: 1024B - Virtual size: 668B

QMst6
Size: 8KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

+7jQTy
Size: 5KB - Virtual size: 4KB

sh7
Size: 23KB - Virtual size: 23KB

Suj
Size: 46KB - Virtual size: 46KB

60y6
Size: 8KB - Virtual size: 7KB