3effb34c2a8c3b7c922f8033d5ba60b7_JaffaCakes118

General

Target

3effb34c2a8c3b7c922f8033d5ba60b7_JaffaCakes118
Size

942KB
MD5

3effb34c2a8c3b7c922f8033d5ba60b7
SHA1

8400fc7c2534318cb4d103d5f6f4d72b20541b55
SHA256

caf1ddba89b011639576e8065033720b9ce5e9af150a69978060b38c333f34e1
SHA512

01f3fc4d92dc4bce25a9015b57aa65f3d6e9c49adaa04030fd1a8a26b1833bb7659ccc0b2a0fbaccb71d5ca49cee1d37ebf7ae6d9a41e18f7ad1c1ecd09505f9
SSDEEP

24576:kMLFTWIfSDaE+pQhWLkoMlHzSGi2RZqB:A+St+ihPHf7fq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3effb34c2a8c3b7c922f8033d5ba60b7_JaffaCakes118

Files

3effb34c2a8c3b7c922f8033d5ba60b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1f585de181b36118455ecd7f0579958c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InsertMenuItemA
FindWindowA
GetAsyncKeyState
DestroyMenu
SetForegroundWindow
EnableMenuItem
CharNextA
RegisterClassA
PostQuitMessage
DestroyWindow
CharNextW
MessageBoxA
RegisterWindowMessageA
CreateWindowExA
LoadStringW
DestroyIcon
GetWindowTextW
SendMessageA
SetMenuDefaultItem
InsertMenuItemW
DispatchMessageA
GetCursorPos
TrackPopupMenu
DefWindowProcA
GetMessageA
LoadImageA
CreatePopupMenu

kernel32

FreeLibrary
GetTickCount
lstrcpynW
CreateFileA
lstrcpynA
SetFilePointer
GetEnvironmentVariableA
ExitProcess
GetVolumeInformationW
ReadFile
CloseHandle
GlobalAlloc
LoadLibraryExA
lstrlenW
GetDriveTypeW
GetModuleHandleA
GetLogicalDrives
GetPrivateProfileStringA
SetErrorMode
lstrlenA
GetModuleFileNameA
GetPrivateProfileIntA

shlwapi

StrToIntA
PathFileExistsA

advapi32

RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconW
SHGetSpecialFolderPathA

msvfw32

DrawDibProfileDisplay
ICRemove

Sections

.text
Size: 517KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 406KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f585de181b36118455ecd7f0579958c

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

advapi32

shell32

msvfw32

Sections

.text Size: 517KB - Virtual size: 516KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 406KB - Virtual size: 3.7MB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 517KB - Virtual size: 516KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 406KB - Virtual size: 3.7MB

.rsrc
Size: 16KB - Virtual size: 16KB