3b9d375fba32ef6eb0ab183cb75d2ff0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b9d375fba32ef6eb0ab183cb75d2ff0_JaffaCakes118
Size

140KB
MD5

3b9d375fba32ef6eb0ab183cb75d2ff0
SHA1

fdc1a752bfc179141b260933b9d2635f7dea3a68
SHA256

14e53086c450ca63cd233b9bfdf95402e51f2d72004aafd10ba4e34e899620ff
SHA512

f34fd6c43aee3dc52dfcef09a7a411c1ff4dee40a4738ba844a01e4f007631327a1763d4fa7b59a8b5e9c4d762f51f754554ed0f2995ad89796c1f5c019a2f89
SSDEEP

3072:tQB3zc8U/boXbGRKrlDIhMF/VRBKxGpkqlM/PVa75r1u/o:t23zG8SKKhcpKxpVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b9d375fba32ef6eb0ab183cb75d2ff0_JaffaCakes118

Files

3b9d375fba32ef6eb0ab183cb75d2ff0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a724c4e7c32c1f1f5d2eb0337f1399b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
CreateThread
WaitForSingleObject
CloseHandle
Sleep
LocalFree
lstrcpyA
FindResourceA
LoadResource
SizeofResource
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
LocalAlloc
GlobalFree
lstrlenA
HeapAlloc

user32

CloseClipboard
MessageBoxA
CopyImage
EmptyClipboard
OpenClipboard
ReleaseDC
SendMessageA
CreateWindowExA
UpdateWindow
InvalidateRect
DefWindowProcA
SetDlgItemTextA
GetWindowTextA
GetWindowTextLengthA
PostMessageA
SendDlgItemMessageA
SetTimer
SetFocus
GetDlgItem
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics
AdjustWindowRect
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetLayeredWindowAttributes
DestroyWindow
BeginPaint
GetSysColorBrush
FillRect
GetSysColor
EndPaint
PostQuitMessage
GetDC
SetClipboardData

gdi32

TextOutA
SetBkMode
DeleteDC
RestoreDC
BitBlt
DeleteObject
CreateCompatibleBitmap
SaveDC
CreateCompatibleDC
GetObjectA
CreateFontIndirectA
SelectObject
SetTextColor
GetTextExtentPoint32A

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

comctl32

ord17

winmm

waveOutPrepareHeader
waveOutClose
waveOutWrite
waveOutUnprepareHeader
waveOutOpen

wsock32

ntohs
ntohl

msvcrt

__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strncmp
??2@YAPAXI@Z
strcat
strchr
strcpy
memset
memcpy
free
time
strlen
sprintf
_timezone
malloc
__set_app_type
_except_handler3
_controlfp
_putenv
__p__fmode

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a724c4e7c32c1f1f5d2eb0337f1399b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

comctl32

winmm

wsock32

msvcrt

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 123KB

.rsrc Size: 113KB - Virtual size: 112KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 123KB

.rsrc
Size: 113KB - Virtual size: 112KB