3527cddb07e38a2c6a82b409863dbb40_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3527cddb07e38a2c6a82b409863dbb40_JaffaCakes118
Size

354KB
MD5

3527cddb07e38a2c6a82b409863dbb40
SHA1

02dbceeb09fac795f3e8082c98e9ec360b0d9efd
SHA256

4cef7980c473b3949dee39b79c8f642a3aa8e4bff3c864045b2204ab07acf7fc
SHA512

1849a1be17f8f7f4126a5fd917b8f831c5f0c37909f0d53bfae2da83a76a161b5b659f70d477329cd90db0a3df770f0fc2fe0e7293646ab2e103e90e46e9e52c
SSDEEP

6144:lqgg1HrGSYBUnzeNuDHHlV8rQWn6kyaGrVMfqxEt2NzCztYsu:Igg5rX5nyNuDHH7iQWn8aGrVMSXzC+V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3527cddb07e38a2c6a82b409863dbb40_JaffaCakes118

Files

3527cddb07e38a2c6a82b409863dbb40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e54b9bd34149b251f543aa5c339b5fb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ImageList_ReplaceIcon

kernel32

ExitProcess
GetModuleFileNameW
lstrcpynA
SearchPathW
GetUserDefaultLCID
GetShortPathNameW
SetEnvironmentVariableA
CreateMutexA
CloseHandle
RemoveDirectoryA
_lclose
GetStartupInfoA
FreeEnvironmentStringsA
GetDiskFreeSpaceExA
VirtualProtect
SetConsoleActiveScreenBuffer
DeleteFiber
WritePrivateProfileStringW
GlobalFindAtomA
GetCommConfig
VirtualQueryEx
AreFileApisANSI
GetProfileStringA
LoadResource
CreateIoCompletionPort
LoadLibraryExW
LocalLock
DuplicateHandle
GlobalGetAtomNameW
LocalSize
IsBadReadPtr
FormatMessageW
GetVersion
SetupComm
FreeLibrary
IsDBCSLeadByteEx
RaiseException
GetProcessTimes
ReleaseMutex
GetUserDefaultLangID

ws2_32

WSALookupServiceBeginA
WSAIsBlocking
WSAEnumProtocolsW
WSASetLastError
WSAAsyncGetHostByName

user32

RemoveMenu
SetWindowsHookW
GetDlgItemInt
PostMessageA
FlashWindow
SetCursorPos
PostMessageW
SetCaretBlinkTime
OpenWindowStationA
GetDlgItem
DrawTextExA
EndMenu
EnumClipboardFormats
InvalidateRgn
AdjustWindowRectEx
MsgWaitForMultipleObjectsEx
LoadMenuW
GetIconInfo
PeekMessageA
OpenWindowStationW
BroadcastSystemMessageA

msvcrt

_strnicoll
wctomb
ctime
iswspace
_fdopen
_wchmod
frexp
fread
fgetc
_getche
_pctype
signal
_strcmpi
_sopen
setlocale

Sections

.text
Size: 23KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e54b9bd34149b251f543aa5c339b5fb2

Headers

File Characteristics

Imports

comctl32

kernel32

ws2_32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 247KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 23KB - Virtual size: 247KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 10KB - Virtual size: 12KB