3bb37424f0b1401b194dc1f013e7475a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bb37424f0b1401b194dc1f013e7475a_JaffaCakes118
Size

299KB
MD5

3bb37424f0b1401b194dc1f013e7475a
SHA1

0ff321003f49c9c40a4f6a00899dda23121e568a
SHA256

fec16158d2aa5abfdb8fa9293430cc6893aaf218b8398b86a6df63f4ef2e37c9
SHA512

b545aa726579c3df7178b9c27af8a52b0dd9c47b8582eebabab3d50cacdf7afd046f38109075ab111616dbd01b94ba80651eee199dc6b41e67894278cd16df1a
SSDEEP

6144:n+jfpPM+uSIcO2Vi6lbtlKMNI1PgA8lZXOh0ofA5EjALxuRrX:GpPM+U32AiVI1PgAeq0ofAC8LxuRr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb37424f0b1401b194dc1f013e7475a_JaffaCakes118

Files

3bb37424f0b1401b194dc1f013e7475a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64cc90ed0dcc5f26a537aaa4929f34bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\rigfroyudk\bergq\t

Imports

comctl32

ImageList_GetIconSize
ImageList_SetImageCount
ImageList_Add
ImageList_DragLeave
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_GetFlags
ImageList_DragShowNolock
_TrackMouseEvent
DrawInsert
CreateStatusWindowW
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_Read
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_Replace
CreatePropertySheetPageA
MakeDragList
ImageList_GetBkColor
ImageList_AddMasked
CreateMappedBitmap

shell32

SHGetSpecialFolderPathA
SHGetMalloc
ShellAboutW
DuplicateIcon
SHInvokePrinterCommandA

kernel32

TlsFree
GetModuleHandleA
GetStdHandle
GetCPInfo
GetEnvironmentStringsW
GlobalUnlock
GetStringTypeA
TlsSetValue
GetCurrentProcess
GetCurrentThread
VirtualAlloc
SetLastError
lstrcpy
SetEvent
GetTickCount
GetCurrentThreadId
GetLocalTime
HeapDestroy
CreateMutexA
UnhandledExceptionFilter
IsBadWritePtr
FreeEnvironmentStringsW
ExitProcess
GetOEMCP
SetStdHandle
HeapAlloc
GetProcAddress
CompareStringA
RtlUnwind
EnumCalendarInfoW
FreeEnvironmentStringsA
DeleteCriticalSection
CloseHandle
SetEnvironmentVariableA
GetCommandLineA
VirtualQuery
GetStartupInfoA
GetLastError
ReadFile
LCMapStringW
GetCurrentProcessId
CreateSemaphoreA
QueryPerformanceCounter
GetFileType
SetThreadContext
VirtualFree
LoadLibraryA
InitializeCriticalSection
GetStringTypeW
LCMapStringA
TlsGetValue
InterlockedExchange
SetLocalTime
OpenMutexA
DebugActiveProcess
SetFilePointer
SetThreadIdealProcessor
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
GetACP
TlsAlloc
HeapCreate
SetHandleCount
GetSystemTime
FlushFileBuffers
CompareStringW
InterlockedDecrement
WriteFile
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
HeapFree
GetVersion
GetTimeZoneInformation
GetModuleFileNameA
WideCharToMultiByte
InterlockedIncrement
GetEnvironmentStrings

user32

GetUserObjectSecurity
GetDlgItemTextW
GetTabbedTextExtentA
SetMenuContextHelpId
DdeQueryStringW
ShowWindow
GetActiveWindow
GetPropA
InternalGetWindowText
InsertMenuItemW
GetClassLongW
PeekMessageW
RegisterClassExA
RegisterClassA
SetClassLongW
MessageBoxA
EnumDisplaySettingsExA
DestroyWindow
DestroyCursor
EnumChildWindows
CreateWindowExW
AdjustWindowRect
DefWindowProcW
ReuseDDElParam
RegisterDeviceNotificationA
LookupIconIdFromDirectory
SetClipboardData

gdi32

GetFontLanguageInfo
GetTextExtentExPointA
SelectPalette
PlgBlt
GetBkMode
GetEnhMetaFileHeader
Pie
GetTextColor
SaveDC
StartPage
SelectClipPath
GetMetaFileA

comdlg32

GetFileTitleA
ReplaceTextW
ChooseColorW

wininet

FindCloseUrlCache

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64cc90ed0dcc5f26a537aaa4929f34bf

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

comdlg32

wininet

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 83KB - Virtual size: 94KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 83KB - Virtual size: 94KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 17KB - Virtual size: 16KB