3b427b8a75a58ce1998e8e187a8ca8e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b427b8a75a58ce1998e8e187a8ca8e9_JaffaCakes118
Size

292KB
MD5

3b427b8a75a58ce1998e8e187a8ca8e9
SHA1

9a094a9250efd15aba3e869cc99449ebced81237
SHA256

de7e5de58b6b203dc84e011e3ce31ffebc08e3ee03815633dc1d48f8d86d8203
SHA512

3633aa02d1799303d835e27d9c9642de1a2b863fc228905c1194b6e8408da27d686ea2674248ac6f9678f8b850bf4126e790ec0bc74080849098ca1a48043f52
SSDEEP

6144:gbkDvSR48FKC72L4Cdng2UU0UPe0t578ARZPHD:ggTw3y6UR7L7PP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b427b8a75a58ce1998e8e187a8ca8e9_JaffaCakes118

Files

3b427b8a75a58ce1998e8e187a8ca8e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22e3e0b0e84b57c38f9d20bc5b8ae726

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
InitMUILanguage
DrawStatusText
DestroyPropertySheetPage
ImageList_BeginDrag
CreateToolbarEx
CreateStatusWindowW
CreateMappedBitmap
ImageList_GetImageRect
InitCommonControlsEx
ImageList_SetFilter
ImageList_DragEnter
ImageList_Write
ImageList_DragMove
GetEffectiveClientRect
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_Destroy

advapi32

CryptCreateHash
CryptGetHashParam

comdlg32

FindTextA
LoadAlterBitmap
GetFileTitleA
PrintDlgW

kernel32

GetEnvironmentStringsW
FlushFileBuffers
CreateWaitableTimerA
TerminateProcess
CompareStringA
FindFirstFileExA
GetCurrentProcess
FreeEnvironmentStringsA
GetCurrentThread
GetEnvironmentStrings
GetUserDefaultLCID
HeapFree
GetConsoleCP
IsValidCodePage
HeapDestroy
HeapReAlloc
LoadLibraryA
WriteConsoleA
LoadLibraryExA
HeapSize
SetStdHandle
AddAtomA
HeapCreate
GlobalHandle
FindFirstFileExW
GetModuleFileNameW
ExitProcess
GetThreadPriorityBoost
WriteFile
GetLocaleInfoW
FindNextFileW
QueryPerformanceCounter
VirtualFree
AllocConsole
GetVersionExA
FreeEnvironmentStringsW
GetPrivateProfileStringW
IsValidLocale
CloseHandle
GetNamedPipeInfo
MultiByteToWideChar
GetStringTypeW
HeapAlloc
UnhandledExceptionFilter
EnumSystemLocalesA
OpenMutexW
GetTimeZoneInformation
EnumDateFormatsW
GetThreadPriority
MoveFileExA
GetDateFormatA
GetTickCount
GetStartupInfoA
LocalUnlock
GetVersion
SetThreadLocale
GetCommandLineA
FindAtomA
CreateMutexA
GetCommandLineW
GetStringTypeA
GetOEMCP
GetStartupInfoW
LeaveCriticalSection
SetCurrentDirectoryW
VirtualQuery
FillConsoleOutputCharacterW
CreateFileW
VirtualAlloc
LCMapStringW
RtlUnwind
GetCurrentDirectoryA
GetConsoleOutputCP
EnterCriticalSection
GetModuleHandleA
GlobalAlloc
InterlockedExchange
VirtualProtect
CreateNamedPipeA
GetProcAddress
ReadFile
CreateFileA
GetCurrentThreadId
GlobalUnlock
lstrcatW
FreeLibrary
LocalCompact
ConnectNamedPipe
InterlockedDecrement
WaitForSingleObject
Sleep
SetLastError
InitializeCriticalSection
GetNumberFormatW
LCMapStringA
SetHandleCount
WriteConsoleW
LocalShrink
GetTimeFormatA
GetCurrentProcessId
OpenFile
GlobalSize
DeleteCriticalSection
GetStdHandle
TlsAlloc
GetLocaleInfoA
WideCharToMultiByte
GetProfileStringW
GetCPInfo
SetEnvironmentVariableA
CompareStringW
TlsSetValue
MapViewOfFile
OpenMutexA
SetVolumeLabelW
GetProcessHeap
GetPrivateProfileSectionNamesA
GetFileType
GetConsoleMode
GetLastError
SetFilePointer
GetACP
GetModuleFileNameA
GlobalFindAtomW
SetUnhandledExceptionFilter
SetEnvironmentVariableW
DebugBreak
IsDebuggerPresent
GetSystemTimeAsFileTime
WriteProfileSectionA
InterlockedIncrement
TlsGetValue
WritePrivateProfileSectionA
GetVersionExW
SetConsoleCtrlHandler
TlsFree

gdi32

CreatePolyPolygonRgn
Chord

user32

CreateWindowExW
ArrangeIconicWindows
ExcludeUpdateRgn
EnumDisplayDevicesW
LookupIconIdFromDirectory
GetListBoxInfo
GetKeyNameTextA
OpenIcon
RegisterClassExA
FillRect
CharPrevA
EndDialog
MessageBoxExA
InsertMenuItemW
DdeDisconnect
MoveWindow
RegisterClassA
MessageBoxExW
TranslateAcceleratorW
GetKBCodePage
DdeAccessData
VkKeyScanA
ChangeClipboardChain
IsMenu
EnableScrollBar
LoadMenuIndirectA
DialogBoxParamW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22e3e0b0e84b57c38f9d20bc5b8ae726

Headers

File Characteristics

Imports

comctl32

advapi32

comdlg32

kernel32

gdi32

user32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 88KB - Virtual size: 100KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 88KB - Virtual size: 100KB

.rsrc
Size: 20KB - Virtual size: 19KB