3b1d61a48849ececa38d279cc24fb00b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b1d61a48849ececa38d279cc24fb00b_JaffaCakes118
Size

43KB
MD5

3b1d61a48849ececa38d279cc24fb00b
SHA1

39f2060862750e556152d56f2dbdd06f5b500b97
SHA256

d7a6ae1ae0a6fea15a7c753250321cc900178497ebb70d38ba581f850be2e602
SHA512

a46eba129da1f5ab4e127e65ac0b7ab1a3218097bd07278cba4d6913bea700637fcdf23821273cedcc9fb1af66e2a786eade9e0e8087ba18416188e4926ff407
SSDEEP

768:XiEIXrLOBFCKUoK4OgVEdSYSTIEPF1JwkvXbpx9/soiEHkV:XiECLqLFGg9hIaBwkvbF/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b1d61a48849ececa38d279cc24fb00b_JaffaCakes118

Files

3b1d61a48849ececa38d279cc24fb00b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe9b435ca34a195ecc8e2a826249789d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
VirtualProtect
GetDiskFreeSpaceExA
HeapWalk
NlsConvertIntegerToString
EnumResourceTypesA
ConvertThreadToFiber
ReadConsoleInputExA
GetComputerNameExA
EnumTimeFormatsW
EnumLanguageGroupLocalesA
FindResourceExW
LocalLock
GetFileSize
GetLastError
PeekNamedPipe
BeginUpdateResourceW
UnmapViewOfFile
IsBadWritePtr
FindResourceA
lstrcpynA
GetTickCount

user32

SetDlgItemInt
RealGetWindowClassW
GetScrollRange
GetMenuCheckMarkDimensions
RegisterShellHookWindow
InsertMenuItemA
TabbedTextOutA
GetWindowTextLengthW
ShowCaret
IMPQueryIMEA
SwitchToThisWindow
OemToCharBuffA
CheckRadioButton
LockWindowStation
DialogBoxIndirectParamW

gdi32

GdiDescribePixelFormat
GetTextMetricsA
CloseMetaFile
GdiCreateLocalMetaFilePict
EngDeletePalette
EngLineTo
EngAssociateSurface
ScaleWindowExtEx
TranslateCharsetInfo
RectInRegion
PolyBezier
EnumICMProfilesA
SelectPalette
GdiEntry2
SetStretchBltMode
EngDeleteSurface
GetLogColorSpaceW
GdiIsMetaPrintDC
ExtCreatePen
DescribePixelFormat
RemoveFontMemResourceEx
SetBkMode
GetPath
StretchDIBits
GetEnhMetaFileW
GdiProcessSetup
FrameRgn
Polyline
GdiEntry5
CancelDC
GetFontLanguageInfo
SetViewportExtEx
AddFontResourceExA

comdlg32

FindTextW
PrintDlgExW
dwLBSubclass
GetFileTitleW
CommDlgExtendedError
GetOpenFileNameW
PageSetupDlgA
ChooseFontA
ChooseColorA
ReplaceTextA
Ssync_ANSI_UNICODE_Struct_For_WOW
GetSaveFileNameW

psapi

GetWsChanges
GetDeviceDriverBaseNameW
GetDeviceDriverBaseNameA
GetModuleFileNameExA
EmptyWorkingSet
GetMappedFileNameA
EnumProcesses
GetMappedFileNameW
GetModuleBaseNameA
EnumDeviceDrivers
GetModuleBaseNameW
InitializeProcessForWsWatch
GetDeviceDriverFileNameA
GetModuleInformation
GetModuleFileNameExW
EnumProcessModules
GetDeviceDriverFileNameW
QueryWorkingSet

comctl32

ImageList_GetImageCount
ImageList_GetDragImage
FlatSB_GetScrollInfo
GetMUILanguage
ImageList_LoadImageA
DrawStatusText
ImageList_SetDragCursorImage
InitCommonControlsEx
PropertySheetW
ImageList_DragEnter
CreateStatusWindowW
FlatSB_SetScrollProp
CreateStatusWindow
ImageList_ReplaceIcon
FlatSB_ShowScrollBar

Sections

.text
Size: 5KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe9b435ca34a195ecc8e2a826249789d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 5KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 8KB

.text
Size: 5KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 8KB