38b8933c0258014f429bf0336485a5bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

38b8933c0258014f429bf0336485a5bc_JaffaCakes118
Size

380KB
MD5

38b8933c0258014f429bf0336485a5bc
SHA1

0b6c18d654bda6714cf0fc01a686cfdc319d8bd4
SHA256

3e4082fd9c287de993cd2fee1276c2d83e7a50927197e5caa9fa872b1dfceb16
SHA512

92180317d640572bf20e80d73916565a5051e9500a4926f8049b8edd60c2c495978471ce87df4e66f018d40248f2243e155657b22155035f6530822345ec3541
SSDEEP

6144:MhwSQxDFDUKQ8zwz1haIJsH1nS17DNWCC4ac/wMS4xw12oNlrLpJBIYR8Q8:MhkLpQ8QhsH1iUBZc/wi2LpJBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38b8933c0258014f429bf0336485a5bc_JaffaCakes118

Files

38b8933c0258014f429bf0336485a5bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f2e929d094618e8285bb596da3d2868

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeA
ReadConsoleA
GetLocaleInfoW
MultiByteToWideChar
WritePrivateProfileSectionW
SuspendThread
GetSystemDefaultLangID
GetNumberFormatW
GetHandleInformation
lstrcmpA
SetConsoleMode
SetTimeZoneInformation
GetEnvironmentStringsW
GetLongPathNameA
GlobalFree
SetStdHandle
MoveFileW
lstrcmpiA
GenerateConsoleCtrlEvent
FlushFileBuffers
GetFileAttributesA
GetCommState
SetSystemTime
GetVolumeInformationW
lstrcmpiW
VirtualLock
EndUpdateResourceA
CompareStringA
WritePrivateProfileStringA
GlobalUnlock
GetUserDefaultLCID
GetFileAttributesExA
CloseHandle
GetVersionExA
GetProcessTimes
FindResourceExA
FindNextChangeNotification
SetConsoleOutputCP
EnumTimeFormatsW
EnumCalendarInfoW
_lread
DeleteCriticalSection
CancelIo
LocalLock
lstrcatW
GetSystemDirectoryW
GetCommandLineA
VirtualProtect
IsBadStringPtrA
ExitProcess

user32

SendNotifyMessageW
CreateMDIWindowW
GetShellWindow
GetMenuItemInfoA
GetMenuItemRect
LookupIconIdFromDirectory
GetWindowRgn
CopyIcon
LoadIconW
AppendMenuA
GetUpdateRgn
ChildWindowFromPoint
GetWindowThreadProcessId
GetMenuStringA
CopyAcceleratorTableA
MapDialogRect
GetDesktopWindow
CloseDesktop
EqualRect
SetWindowRgn
GetTopWindow
GetWindowTextLengthW
FindWindowW
TabbedTextOutW
ChangeDisplaySettingsA
InvalidateRect
GetScrollPos
GetQueueStatus
DialogBoxIndirectParamA
GetSysColor
DestroyMenu
GetMessageTime
DialogBoxIndirectParamW
SetCursor
InflateRect
BeginDeferWindowPos
FindWindowExW
SetSysColors
wvsprintfW
GetMenuState
CreateCursor
SetMessageQueue
DrawIcon
EnableMenuItem
MessageBoxExA
LoadMenuA
IsChild
GetWindowLongA
LoadImageW
mouse_event
IsCharUpperA

gdi32

AddFontResourceW
SetDIBits
SetTextAlign
CreateFontA
Rectangle
GetTextCharacterExtra
GetViewportExtEx
PolyBezier
CreateFontIndirectA

comdlg32

GetOpenFileNameA

advapi32

ReadEventLogW
CryptReleaseContext

shell32

SHAddToRecentDocs
FindExecutableW

oleaut32

SysFreeString
VariantChangeType
LoadTypeLi
VariantCopy

comctl32

ImageList_GetImageCount
ImageList_DragMove

shlwapi

StrDupA
PathRemoveBackslashA
SHDeleteKeyW
SHEnumValueW
StrCmpNIW
StrRetToStrW
SHCopyKeyW
SHRegGetBoolUSValueW
PathFindExtensionA

Sections

.text
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f2e929d094618e8285bb596da3d2868

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

shlwapi

Sections

.text Size: 332KB - Virtual size: 329KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 40KB - Virtual size: 38KB

.text
Size: 332KB - Virtual size: 329KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 40KB - Virtual size: 38KB