3bbd7f8bc159255af72f5ae8f5e154e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bbd7f8bc159255af72f5ae8f5e154e1_JaffaCakes118
Size

347KB
MD5

3bbd7f8bc159255af72f5ae8f5e154e1
SHA1

7d64e91be2f0001d061aff2c04d0d6fdde57698b
SHA256

c6ce0d660fa358e1ac51c202540fbf4dc34b91361bf3c672bcdeb2bf00536551
SHA512

0e511abfb87d8257c74db80e6a58ab635b52c46a6e4e47af20a488677fa397fedc4f7f8263d8bdea47fbfc33c486cad72daa5fd6b2ec8893e500759137c893e5
SSDEEP

3072:qmmSe/AisK4eh9CH3OEdsEN0dJ3bWVaNHXMwqIZ74+7UiyzM2xJ8LxmyDzxl22a:zdeaqkH3OTEN0DLPN8zi74xzNJGDnxa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bbd7f8bc159255af72f5ae8f5e154e1_JaffaCakes118

Files

3bbd7f8bc159255af72f5ae8f5e154e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

870a27f1ec0080fd5bca83c8665911a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateDIBSection
CreateEllipticRgn
CreatePenIndirect
EndPath
ExtEscape
GetCharWidthA
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetPaletteEntries
GetTextExtentPointA
OffsetWindowOrgEx
PtVisible
SetBkMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetViewportExtEx
SetWinMetaFileBits
SetWorldTransform
StartPage
UnrealizeObject

advapi32

DeleteService
DeregisterEventSource
EqualSid
IsValidSid
OpenSCManagerA
OpenSCManagerW
OpenServiceA
RegDeleteKeyA
RegEnumKeyW
RegEnumValueA
RegQueryInfoKeyA
RegQueryValueExA

user32

AdjustWindowRectEx
CharNextA
CreateMenu
CreateWindowExA
DialogBoxParamA
DrawFrameControl
DrawIconEx
GetCapture
GetClientRect
GetCursorPos
GetIconInfo
GetKeyState
GetMenuItemCount
GetMenuState
GetScrollInfo
GetSysColorBrush
GetWindowLongA
InflateRect
IntersectRect
IsZoomed
MapWindowPoints
RegisterClipboardFormatA
ScrollWindow
SendDlgItemMessageA
SetClassLongA
SetCursor
UnhookWindowsHookEx

comctl32

CreateToolbarEx
DestroyPropertySheetPage
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_Write
InitializeFlatSB

kernel32

CreateFileMappingA
FlushFileBuffers
GetEnvironmentVariableA
GetFileSize
GetLocaleInfoA
GetThreadLocale
GetUserDefaultLangID
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
LoadResource
MulDiv
QueryPerformanceCounter
SetCurrentDirectoryA
TlsAlloc
lstrcmpA
lstrcpynA

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoGetClassObject
CoInitializeEx
CoInitializeSecurity
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
GetRunningObjectTable
IIDFromString
IsEqualGUID
OleGetClipboard
OleIsCurrentClipboard
PropVariantClear
RevokeDragDrop
StgOpenStorageOnILockBytes

shell32

DragAcceptFiles
DragQueryFileA
SHBrowseForFolder
SHBrowseForFolderW
SHChangeNotify
SHFileOperationA
SHGetDesktopFolder
SHGetFolderLocation
SHGetSpecialFolderPathW
ShellExecuteExA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

LaGcxNgW
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

870a27f1ec0080fd5bca83c8665911a8

Headers

File Characteristics

Imports

gdi32

advapi32

user32

comctl32

kernel32

ole32

shell32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

LaGcxNgW Size: 138KB - Virtual size: 140KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

LaGcxNgW
Size: 138KB - Virtual size: 140KB