35a282c9727745b3aad72c7b6f636135_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35a282c9727745b3aad72c7b6f636135_JaffaCakes118
Size

1.1MB
MD5

35a282c9727745b3aad72c7b6f636135
SHA1

583752b5ba5414eeab5c09f4488a48a7ae3b27e3
SHA256

baffb6d8d0cd90dcadd7770359e5b82d19ef4159bc441e0e2f8fed0abb6c4da8
SHA512

e93dba081098dcd126e8d91d4557dafead3129bb0c07e1cbbe2da28c99fde118adc12ba88b466b9717e5dae39f9b72e30d4b7f741e3ff92dc4182792552901e0
SSDEEP

24576:onAVdIxVMuThNfchdCQNvKkF6yKrvP6BaSemFNDfUlWVYXjw/ZcKxq:Bdq3tNfGg83ema3cNL8WWTSx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35a282c9727745b3aad72c7b6f636135_JaffaCakes118

Files

35a282c9727745b3aad72c7b6f636135_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3124c4502d26158db4bab1a7a66e1c8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetFileSize
SetLastError
GetFullPathNameA
WideCharToMultiByte
lstrcpynA
MultiByteToWideChar
GetLastError
CreateDirectoryA
CreateThread
GetTempPathA
MulDiv
LocalFree
FormatMessageA
GetWindowsDirectoryA
GetEnvironmentVariableA
CopyFileA
MoveFileA
SetErrorMode
GetModuleFileNameA
GetModuleHandleA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapFree
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
GetFileAttributesA
TlsAlloc
TlsGetValue
HeapAlloc
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetStdHandle
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetProcAddress
LoadLibraryA
SetEndOfFile
DeleteFileA
CreateFileA
GetFileTime
FileTimeToLocalFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesA
TlsSetValue
GetSystemDefaultLangID

user32

CheckDlgButton
SetWindowPos
GetWindowRect
GetDesktopWindow
PostMessageA
SetClassLongA
DestroyMenu
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetCursorPos
ShowWindow
LoadIconA
DialogBoxParamA
LoadCursorA
SetCursor
GetSystemMetrics
GetClientRect
GetDlgItemTextA
GetActiveWindow
MessageBoxA
SendMessageA
SetWindowTextA
IsDlgButtonChecked
FindWindowA
GetWindowTextA
GetDC
ReleaseDC
GetDlgItem
EndDialog
SetDlgItemTextA
OemToCharBuffA

gdi32

GetDeviceCaps
CreateFontIndirectA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHFileOperationA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

comctl32

ord17

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3124c4502d26158db4bab1a7a66e1c8a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 12KB - Virtual size: 10KB