3979b0bd5a9116f23d24d9cedb7777ec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3979b0bd5a9116f23d24d9cedb7777ec_JaffaCakes118
Size

300KB
MD5

3979b0bd5a9116f23d24d9cedb7777ec
SHA1

06ffe2156dc15ab17921f7c06b9c1daa35f7a492
SHA256

0d8b10a53f767e70a013bc7cb62d0a927fe21778343f583ca84f1f5ca860b964
SHA512

1db8d21b71e2d9158719e2ca4a24633b78b483c91cb102eac636fd3936ff19d99fa9ad0ea2e1084c39174256e9f4a0c38ed9758f370fd15669639d41995f7e81
SSDEEP

6144:2svGlOQADFX2o6fnrV/Q+GAXYGLe90q0x9WXB+VQR70vxZG:2svC4xy2+vYGLrq0x+BOQRsf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3979b0bd5a9116f23d24d9cedb7777ec_JaffaCakes118

Files

3979b0bd5a9116f23d24d9cedb7777ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86394d3cc9ea779bd80c80f7cae0a21f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputW
WritePrivateProfileStringA
GetDriveTypeW
FreeEnvironmentStringsA
DosDateTimeToFileTime
GetCommState
LeaveCriticalSection
GetProcessTimes
GetACP
GetComputerNameW
LocalSize
LocalReAlloc
GetDiskFreeSpaceExA
EndUpdateResourceA
ReleaseMutex
CreateMutexA
lstrcpynA
GetCommandLineA
GetVersionExA
VirtualProtect
ExitProcess

user32

LoadKeyboardLayoutW
SetWindowTextA
LoadStringA
GetMenuState
DrawTextA
FindWindowW
CharPrevW
ChangeDisplaySettingsExA
CreateDialogParamA
CheckDlgButton
DefDlgProcA
HiliteMenuItem
WaitForInputIdle
GetAsyncKeyState
CharUpperBuffW
GetKeyboardLayoutNameA
CharNextExA
TrackMouseEvent
GetClientRect
MapWindowPoints
GetWindowContextHelpId
GetClassNameW
GetActiveWindow
WindowFromPoint
ScrollDC
TrackPopupMenu
OemKeyScan
DestroyCaret
GetDesktopWindow

gdi32

EnumEnhMetaFile
StrokePath
GetOutlineTextMetricsW
GetTextColor
ExtSelectClipRgn
GetStretchBltMode
BeginPath
CreatePen

comdlg32

GetSaveFileNameW
GetOpenFileNameA
CommDlgExtendedError

advapi32

RegQueryInfoKeyA
AddAce
NotifyChangeEventLog
AccessCheck
RegQueryInfoKeyW
RevertToSelf

shell32

SHFileOperationA
Shell_NotifyIconA

ole32

OleSave
PropVariantCopy
CoSwitchCallContext
CoCreateInstance
WriteClassStg
CoRegisterClassObject

oleaut32

LoadTypeLibEx
SafeArrayRedim
QueryPathOfRegTypeLi
VariantChangeType
SafeArrayPutElement
SysStringLen
SafeArrayGetLBound
SafeArrayUnaccessData
SetErrorInfo

comctl32

ImageList_LoadImageA
ImageList_SetImageCount
ImageList_GetDragImage

shlwapi

PathCommonPrefixW
PathIsUNCA
StrFormatByteSizeA
StrChrIW
PathFindFileNameA

setupapi

SetupOpenAppendInfFileA
SetupGetLineTextW
SetupGetStringFieldW
SetupDiSetClassInstallParamsA

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86394d3cc9ea779bd80c80f7cae0a21f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 284KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 520B

.text
Size: 288KB - Virtual size: 284KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 520B