3a292383c271ecd4d0e87afc4ed805b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a292383c271ecd4d0e87afc4ed805b4_JaffaCakes118
Size

150KB
MD5

3a292383c271ecd4d0e87afc4ed805b4
SHA1

7890720a12893e26f57c1576bb272244d5a0428e
SHA256

491491f4cd042fab538e58f47802745ffe7b67578a047132e33b76da8a6fe2c2
SHA512

36092e6a2d3ed3b8379614a7bd1137619f59cbb6ddcc6d1316a51efdc593fcf741b05cc9ebcf591c3341e311d554436c3cee475b262f3694b3c81723ae0de2e6
SSDEEP

3072:xXqzFftODn6UDLxmO7TbdCohif7FseEtic8WGr9/JE2AdpzAc:xXuUDLIOzddhy7F5EAc8v/E2Av

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a292383c271ecd4d0e87afc4ed805b4_JaffaCakes118

Files

3a292383c271ecd4d0e87afc4ed805b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a735adb48ad2491e618764c02792639

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__setusermatherr
__p__fmode
_CIsqrt
log10
putchar
iswctype
sin
_dup
__p__commode
exit
bsearch
__getmainargs
__set_app_type
_adjust_fdiv
_wtol
_initterm
_acmdln
_except_handler3
_XcptFilter
_controlfp

kernel32

MulDiv
LCMapStringA
GetStartupInfoA
IsBadReadPtr
GetModuleHandleA
VirtualProtect
GlobalReAlloc
GetACP
SetUnhandledExceptionFilter
GetConsoleOutputCP
CopyFileA

gdi32

ExtTextOutA
RealizePalette
SetTextAlign
GetWindowOrgEx
SetDIBitsToDevice
Ellipse
CombineRgn
EndPath
TextOutW
GdiFlush
GetTextMetricsA

version

GetFileVersionInfoA
VerInstallFileA
VerLanguageNameA
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueW

advapi32

RegOpenKeyA
RegQueryInfoKeyA
RegOpenKeyExA
LookupPrivilegeValueW
AllocateAndInitializeSid
RegEnumKeyA
OpenProcessToken
AddAccessAllowedAce
GetLengthSid
EqualSid

comctl32

ImageList_Write
ImageList_Destroy
ImageList_Replace
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_DrawEx
ImageList_GetImageCount
InitializeFlatSB
ImageList_SetIconSize

user32

DestroyCursor
GetMenuItemID
GetSubMenu
EmptyClipboard
EqualRect
TrackPopupMenu
SetCapture
GetLastActivePopup

oleaut32

SysFreeString
VariantClear
GetErrorInfo
SafeArrayUnaccessData
SysAllocStringByteLen
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayGetElement

shell32

ShellExecuteEx
SHAddToRecentDocs
SHGetFileInfoA
SHBindToParent
DragQueryFileA
DragQueryFile
FindExecutableW
ShellExecuteA
SHGetDiskFreeSpaceExW
SHCreateDirectoryExA

ole32

CoInitializeEx
StgCreateDocfileOnILockBytes
CoDisconnectObject
CreateStreamOnHGlobal
CoRegisterClassObject
StgOpenStorage
CoTaskMemAlloc
CoGetClassObject
StringFromGUID2
IsAccelerator
ProgIDFromCLSID
CoRevokeClassObject

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a735adb48ad2491e618764c02792639

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

version

advapi32

comctl32

user32

oleaut32

shell32

ole32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 113KB - Virtual size: 112KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 113KB - Virtual size: 112KB