3a50a24cfd044d90b21b660bab221eb8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a50a24cfd044d90b21b660bab221eb8_JaffaCakes118
Size

148KB
MD5

3a50a24cfd044d90b21b660bab221eb8
SHA1

cd8141123a79ddd057384a3e9aa9ac4f0dcd44e3
SHA256

6494eeb938a2ffd886d9d579fc046a8d21a73676e3b752acc0da693b7023d6e8
SHA512

ec0136fe26027e0f1a8228d9863d3e6c03dd41d1a89d15c9b05f86bbfb02651ffdab794efd591634448b499048d80836f503b84696aa304de0f9b01ade9eadf7
SSDEEP

3072:US3SfSVeu5MNP6TpOeRZGWqgmXpyqdE4UdVJGvJ9yFVKVz1IVeD:US3QiekMNOpOeRZpqgm5yqm4OVJFVKda

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a50a24cfd044d90b21b660bab221eb8_JaffaCakes118

Files

3a50a24cfd044d90b21b660bab221eb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0e292aa3d65c715a2fd21fec13a1482

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CreateDirectoryA
CreateEventA
CreateFileA
CreateProcessA
CreateProcessW
DeleteCriticalSection
DeleteFileA
DeviceIoControl
FindResourceA
FreeResource
GetACP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
GetOEMCP
GetTempPathA
GetThreadLocale
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalHandle
HeapDestroy
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
LCMapStringA
LeaveCriticalSection
LoadLibraryExW
LoadResource
LockResource
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFileAttributesA
SetFileAttributesW
SetHandleCount
SetLastError
SetThreadPriority
SystemTimeToFileTime
TerminateProcess
TlsGetValue
VirtualAlloc
VirtualProtect
WaitForMultipleObjects
WriteFile
lstrcatA
lstrcmpiA
lstrcmpiW
lstrlenA

user32

BeginPaint
CallWindowProcA
CharNextA
DefWindowProcA
DeleteMenu
DestroyMenu
DrawEdge
DrawFrameControl
DrawMenuBar
DrawTextA
EnumWindows
FillRect
GetCapture
GetClassNameA
GetDCEx
GetFocus
GetIconInfo
GetKeyboardType
GetMenuItemCount
GetMenuState
GetMessageA
GetParent
GetScrollInfo
GetSubMenu
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
InsertMenuA
InsertMenuItemA
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
MapWindowPoints
OemToCharA
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
ReleaseDC
SendDlgItemMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetFocus
SetMenu
SetPropA
SetWindowLongA
SetWindowPlacement
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
TrackPopupMenu
UpdateWindow
WaitMessage

gdi32

AddFontResourceA
ArcTo
CombineRgn
CreateBrushIndirect
CreateCompatibleBitmap
CreateDCA
CreateDCW
CreateDIBPatternBrushPt
CreateDIBitmap
CreateFontA
CreateFontW
CreateHalftonePalette
CreateMetaFileW
CreatePalette
CreatePatternBrush
CreateRectRgnIndirect
DeleteDC
DeleteMetaFile
Ellipse
ExtCreatePen
ExtCreateRegion
ExtEscape
ExtTextOutW
GetDCOrgEx
GetEnhMetaFileDescriptionA
GetEnhMetaFilePaletteEntries
GetObjectType
GetOutlineTextMetricsA
GetPaletteEntries
GetStockObject
GetTextExtentPointW
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetWindowOrgEx
OffsetRgn
OffsetViewportOrgEx
Pie
PlayMetaFile
PolyDraw
Polygon
Polyline
PtInRegion
PtVisible
RectVisible
RoundRect
SaveDC
ScaleViewportExtEx
SetBkColor
SetBrushOrgEx
SetColorAdjustment
SetDIBColorTable
SetDIBitsToDevice
SetEnhMetaFileBits
SetPixel
SetPolyFillMode
SetROP2
SetTextColor
SetTextJustification
SetViewportExtEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx

shell32

CommandLineToArgvW
ExtractIconExA
FindExecutableW
SHBindToParent
SHBrowseForFolder
SHGetMalloc
SHGetPathFromIDList
SHGetSettings
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_GetIcon
ImageList_LoadImageA
ImageList_Remove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetImageCount
ImageList_SetOverlayImage
InitializeFlatSB

advapi32

AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptReleaseContext
DeregisterEventSource
EqualSid
FreeSid
GetLengthSid
GetSecurityDescriptorDacl
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsValidSid
OpenProcessToken
OpenSCManagerA
OpenSCManagerW
OpenServiceA
OpenServiceW
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteValueA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExA
RegEnumKeyExW
RegFlushKey
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExW
RegSetValueExW
SetSecurityDescriptorOwner

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0e292aa3d65c715a2fd21fec13a1482

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 16KB - Virtual size: 16KB