Static task: static1
Behavioral task: behavioral1
Sample: 3a1f137db52a1ad2eb84a9620d769413_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3a1f137db52a1ad2eb84a9620d769413_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3a1f137db52a1ad2eb84a9620d769413_JaffaCakes118
Size: 312KB
MD5: 3a1f137db52a1ad2eb84a9620d769413
SHA1: 1a481bba5d5b2a443fc0bf46bd3840c7c676a18d
SHA256: 94e737dc2675f35acc5d1d10e4005f5dd0e2c189e88fcd62a3d3c151d8b6b158
SHA512: 3bf2c75b7aaaa7ed2a4cd3b1facde9293175cf55ec1fca083d7b38ba3d11ec50747380ae4e33e5476865ae4d07fe840ea70c3dcd44f10f69eacc836d9f2127fb
SSDEEP: 6144:fEfe1BjOzW5cK0bUPjqshmCs8r2EBUCrhL3OTdYHHm:Mfu5MK0SxxnvBJrhL3OqH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a1f137db52a1ad2eb84a9620d769413_JaffaCakes118
Files
3a1f137db52a1ad2eb84a9620d769413_JaffaCakes118.exe windows:4 windows x86 arch:x86
de7c2af2538bc4c4251e95d35698d7e0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
EnumResourceNamesA
QueryDosDeviceW
SetConsoleOutputCP
GetStartupInfoA
LocalLock
FreeResource
OutputDebugStringW
WriteProcessMemory
_hread
FreeEnvironmentStringsA
GetCommandLineA
GetVersionExA
lstrlenA
ExitProcess
user32
EnumDisplayDevicesW
CreateDialogIndirectParamA
CreateCaret
ClipCursor
GetCapture
RegisterClipboardFormatW
GetUserObjectInformationW
CharLowerW
DefWindowProcW
CopyAcceleratorTableA
CreateDesktopA
GetNextDlgTabItem
LoadStringW
SetWinEventHook
TrackPopupMenuEx
CharPrevA
DrawEdge
wsprintfW
GetClipCursor
GetAncestor
CreateAcceleratorTableW
wvsprintfW
ReleaseDC
GetDesktopWindow
ShowWindow
SetWindowsHookW
GetWindowRect
AppendMenuA
IsWindowUnicode
ChangeDisplaySettingsW
DestroyCaret
GetClipboardFormatNameA
TranslateMessage
SendMessageW
GetKeyNameTextA
IsCharAlphaA
OpenDesktopA
WindowFromDC
RegisterDeviceNotificationA
SetMenuItemBitmaps
ExcludeUpdateRgn
CopyImage
GetMessageA
OpenDesktopW
FindWindowExW
RemovePropA
FindWindowExA
BringWindowToTop
MessageBoxW
GetSysColorBrush
SetKeyboardState
gdi32
StrokeAndFillPath
GetClipBox
SelectObject
CreatePatternBrush
SetROP2
CreateBitmapIndirect
GetDIBits
StartDocW
GetObjectW
CreatePalette
ExtTextOutA
SetDIBitsToDevice
SetPixelV
GetObjectA
ExtFloodFill
SetPixelFormat
PtVisible
SetWinMetaFileBits
comdlg32
GetOpenFileNameA
advapi32
CryptDecrypt
RegisterServiceCtrlHandlerW
RegOpenKeyExW
DeleteService
RegLoadKeyW
RegRestoreKeyW
RegCreateKeyA
AllocateAndInitializeSid
LookupAccountSidA
CryptSetKeyParam
SetNamedSecurityInfoW
SetKernelObjectSecurity
GetLengthSid
shell32
DragAcceptFiles
ole32
StringFromGUID2
oleaut32
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayRedim
SafeArrayGetElement
comctl32
ImageList_DragShowNolock
ImageList_Draw
shlwapi
SHRegOpenUSKeyW
PathStripPathA
PathAppendW
SHGetValueA
PathRemoveArgsW
StrChrIW
UrlApplySchemeW
StrCatW
PathAddBackslashA
StrRetToStrW
PathRemoveBlanksA
StrTrimA
setupapi
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
SetupGetLineCountA
SetupGetLineTextW
SetupDiSetDeviceRegistryPropertyA
SetupGetLineTextA
SetupGetLineCountW
SetupDiRemoveDevice
Sections
.text Size: 284KB - Virtual size: 280KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE