3b6ad2a1e6b5e7f4b504488c26966f98_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b6ad2a1e6b5e7f4b504488c26966f98_JaffaCakes118
Size

189KB
MD5

3b6ad2a1e6b5e7f4b504488c26966f98
SHA1

9e92bc3fe7820536bbce1bbbedc439a28c9e2249
SHA256

e33a407a662b06e7cdd06f558ba5c2dc2f2c60cd2dc074b8d57632264d7ed190
SHA512

4e4299ca632ad7644477c1dc0b8632f16189ae3fcd003a2233cbad0eca933a3d458339242a71eda2730cf11b4bd32e3f8c1b5296852da2ffab1e4ce27fd7a705
SSDEEP

3072:AB89lEp+aJUo89EhEAO3rnhe9JTez8te4jokTSK7UcKVf:ABjYI/O3rhkTeee6Zxns

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6ad2a1e6b5e7f4b504488c26966f98_JaffaCakes118

Files

3b6ad2a1e6b5e7f4b504488c26966f98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

965b369ea99b36d92ce8d289a3ad4e32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
SetCurrentDirectoryA
lstrcpyA
GetCurrentDirectoryA
lstrcatA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
RemoveDirectoryA
HeapFree
GetProcessHeap
GetVersionExA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetWindowsDirectoryA
MoveFileExA
GetModuleFileNameA
CloseHandle
CreateProcessA
CopyFileA
GetTempPathA
GetCurrentProcessId
ReadFile
HeapAlloc
GetFileSize
CreateFileA
WaitForSingleObject
FindNextFileA
GetProcAddress
LoadLibraryExA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
GetStringTypeW
GetStringTypeA
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
LCMapStringW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
FindClose
Sleep
lstrlenA
lstrcpynA
lstrcmpA
LoadLibraryA
CreateMutexA
FreeLibrary
HeapDestroy
GetEnvironmentVariableA
OpenProcess
GetLastError
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP

user32

InvalidateRect
UpdateWindow
SetDlgItemTextA
SystemParametersInfoA
GetWindowRect
MoveWindow
SetTimer
GetDlgItem
ShowWindow
EnableWindow
EndDialog
KillTimer
PostMessageA
FindWindowA
SendMessageA
LoadStringA
wsprintfA
MessageBoxA
DialogBoxParamA
SetFocus

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

SHChangeNotify

comctl32

ord17

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

965b369ea99b36d92ce8d289a3ad4e32

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 128KB - Virtual size: 128KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 128KB - Virtual size: 128KB