3ad20d06bc5a366297fcf900693b1e7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ad20d06bc5a366297fcf900693b1e7b_JaffaCakes118
Size

127KB
MD5

3ad20d06bc5a366297fcf900693b1e7b
SHA1

b1974553d0296da6028b407bca32c0bdd9caf710
SHA256

692bcdeca80828eb1d9f13f8d7b6b206ea1d45b310d1f5a9a9cf422280040723
SHA512

5f32d603109f42a34ad91c056ae4bac007c0dc9537a71a09dea93f5e7c8cd44abacd83b0ce26754c3e49fc933065f39d24337c23745be08a7dcbd7d40685fcfa
SSDEEP

3072:v+i6NUdVSOM3iPauQzbdKejh9H2JNaQIj5TGqdm3y8B4Yj:vpVSJuQzHuoY3y8BL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ad20d06bc5a366297fcf900693b1e7b_JaffaCakes118

Files

3ad20d06bc5a366297fcf900693b1e7b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

935184d88887c3af914dcc15448e96fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_controlfp
remove
__getmainargs
_adjust_fdiv
__set_app_type
__lc_codepage
wcstoul
towupper
exit
__setusermatherr
_except_handler3
_putenv
__p___initenv
_XcptFilter
__p__commode
strcmp
__p__fmode
log10
_isctype
_initterm
_mbsrchr
_acmdln
wcschr

kernel32

WaitForSingleObject
GetVersion
GetLocaleInfoA
GetSystemInfo
GetModuleHandleA
GetStartupInfoA
VirtualProtect

gdi32

SetDIBits
SetTextJustification
DeleteMetaFile
GetCurrentPositionEx
SetViewportOrgEx
ExtCreatePen
FrameRgn

advapi32

AdjustTokenPrivileges
CryptGenRandom
InitializeAcl
OpenThreadToken
InitializeSecurityDescriptor
RegEnumKeyExA
RegFlushKey
FreeSid
ControlService
RegCreateKeyExA
RegCreateKeyA
DeregisterEventSource
CryptAcquireContextA

shell32

SHChangeNotify
Shell_NotifyIconW
ShellExecuteExA
DragQueryFile
SHFileOperationA
SHFileOperationW
SHGetDiskFreeSpaceExW
DragQueryFileW

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
VerInstallFileW
VerFindFileW
VerQueryValueA
VerLanguageNameA
VerQueryValueW

user32

OemToCharA
RegisterClipboardFormatA
GetMenuStringA
EnumWindows
RegisterClassA
WindowFromPoint
SetScrollInfo
GetWindowRect
IsIconic
IsZoomed
GetMessagePos
GetCursorPos
SetScrollPos

oleaut32

SafeArrayRedim
GetErrorInfo
VariantCopyInd

comctl32

PropertySheetA
ImageList_LoadImageA
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize
PropertySheetW
ImageList_DrawEx

ole32

RevokeDragDrop
RegisterDragDrop
IIDFromString
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleGetClipboard
OleIsCurrentClipboard
CoRevokeClassObject

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

935184d88887c3af914dcc15448e96fe

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

advapi32

shell32

version

user32

oleaut32

comctl32

ole32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 91KB - Virtual size: 168KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 91KB - Virtual size: 168KB