3038caa76127da94cfc0bff4d230a769_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3038caa76127da94cfc0bff4d230a769_JaffaCakes118
Size

188KB
MD5

3038caa76127da94cfc0bff4d230a769
SHA1

0475f543dbddd54e241509dc7c48b83f5995cb13
SHA256

990c9f7e68652d4dd94a7c1ec961d6ab9a185eaed3bea8a775519d9b56fd084b
SHA512

6f74148508a0a59c02ec1706e7cc2100bb3c6692632a7c5a3c2df432298b423068754581042ced5099676ba507bf6e7ecd1e99e3d953a4a98a8a0ba17fb0f9d5
SSDEEP

3072:NbH0Zm/cdXtU2dD52Unp/yal8EJVqnjX:z8pdD5dp/yxEJVC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3038caa76127da94cfc0bff4d230a769_JaffaCakes118

Files

3038caa76127da94cfc0bff4d230a769_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1e52f73f6f83b322ff62ccd7a19ace2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateMutexW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
ReadFile
GetFileSize
CreateProcessW
TerminateProcess
GetExitCodeProcess
GetLongPathNameW
GetTempPathW
GetSystemTime
OpenMutexW
ExpandEnvironmentStringsW
GetPrivateProfileStringW
WritePrivateProfileStringW
RemoveDirectoryW
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
ReleaseMutex
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
HeapSize
GetCurrentProcess
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
WaitForSingleObject
CreateFileW
WriteFile
CloseHandle
LoadLibraryW
GetProcAddress
DeleteFileW
GetWindowsDirectoryW
GetSystemDirectoryW
CopyFileW
MoveFileExW
FreeLibrary
GetCommandLineW
Sleep
CreateThread
GetStringTypeW
RaiseException
GetLocalTime
GetTimeZoneInformation
RtlUnwind
SetEnvironmentVariableA

user32

PtInRect
EndDialog
SetTimer
SendMessageW
LoadIconW
PostMessageW
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
IsWindow
GetDlgItem
MoveWindow
LoadBitmapW
GetSystemMetrics
SetRect
SetFocus
PeekMessageW
TranslateMessage
DispatchMessageW
GetMessageW
WaitForInputIdle
GetWindowRect
SetWindowPos
DialogBoxParamW
DestroyIcon
GetWindowLongW
SetWindowLongW
SetWindowTextW
EnableWindow
KillTimer
GetDC
FillRect
DrawTextW
ReleaseDC
InvalidateRect
GetClientRect

gdi32

CreateCompatibleBitmap
CreateSolidBrush
DeleteDC
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegFlushKey
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderPathW

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeSetEvent
timeKillEvent

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetQueryDataAvailable
InternetOpenW

netapi32

Netbios

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1e52f73f6f83b322ff62ccd7a19ace2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

wininet

netapi32

iphlpapi

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 80KB - Virtual size: 76KB