3525f38d75edd039f7177d8bd2867280_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3525f38d75edd039f7177d8bd2867280_JaffaCakes118
Size

28KB
MD5

3525f38d75edd039f7177d8bd2867280
SHA1

99349138e0c8d6e32f85208f29d2ca72682e1416
SHA256

decaae6bd45030983ac37dec8adb55d0149e234b1bdc3f0bafefa387d9b54b4a
SHA512

8a4f7b252ddf6321bad3ebdee17d270c635aaa9b13f91b9c8a11e3826f5e48fefae29ccbca626d37eb6a40a31295b2ad8fa36324c19539636f308eb90944c3e4
SSDEEP

768:nVAw2AoenYwMAW9UfyjgJWDVdBz0rl8cU4t:q7d1iWmfyjwkVdF0reH4t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3525f38d75edd039f7177d8bd2867280_JaffaCakes118

Files

3525f38d75edd039f7177d8bd2867280_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4999ccf8c18337e2bbeea5a02a809bff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
GetLocalTime
Sleep
GetCurrentProcessId
DeleteFileW
PulseEvent
GetProcessPriorityBoost
SuspendThread
GetModuleHandleA
ExitProcess
ConnectNamedPipe
Module32First
SetConsoleTextAttribute
SetConsoleMode
DefineDosDeviceW
GlobalAddAtomA
GetStartupInfoW
SetTapePosition
CreateHardLinkW
VirtualAlloc
VirtualFree
OutputDebugStringA
SetConsoleCP
GetConsoleCP
SetConsoleWindowInfo
lstrcmpiA
GetConsoleAliasExesW
GetStartupInfoA
GlobalFindAtomA
ClearCommError
lstrcmpiW
GetSystemTime
GetTickCount
GlobalDeleteAtom
GetCommTimeouts
CreateFileMappingW
GetShortPathNameA

user32

CreatePopupMenu
ArrangeIconicWindows
ChildWindowFromPointEx
DdeUninitialize
DdeAddData
DdeInitializeW

msvcrt

_ismbstrail
_chgsign
_pctype
_ismbbprint
cosh
wcscat
_filbuf
_wspawnl
sqrt
_CIpow
localtime
putwc
_getdllprocaddr
wcsftime
_wsystem
raise
wcsrchr
wcsncat
_c_exit
_wspawnlp
_ecvt
_chdir
atexit
_CIsin
scanf
_CIlog10

ole32

IsValidInterface
OleLoadFromStream
OleConvertOLESTREAMToIStorageEx
OleSetClipboard
CLSIDFromString
CoBuildVersion
StgOpenStorageOnILockBytes
CoGetTreatAsClass

gdi32

DeviceCapabilitiesExW
GetObjectType
GetCharABCWidthsW
GetColorSpace
GetPixelFormat
GetStretchBltMode
GetPaletteEntries
GetTextMetricsW
StrokeAndFillPath
EnumFontFamiliesExA
SetMiterLimit
SetBkColor
BitBlt
EndPage
GetPolyFillMode
RectVisible
UpdateColors
Arc
CreateEnhMetaFileW
GetTextColor
AnimatePalette
PolyPolyline
EnumFontFamiliesW
CreateColorSpaceA
GetViewportExtEx

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kqso
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddgb
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4999ccf8c18337e2bbeea5a02a809bff

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

gdi32

Sections

.text Size: 6KB - Virtual size: 6KB

.kqso Size: 10KB - Virtual size: 20KB

.ddgb Size: 10KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.kqso
Size: 10KB - Virtual size: 20KB

.ddgb
Size: 10KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 1KB