3c1eed95e7ea04f3cef2b607f8713dba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c1eed95e7ea04f3cef2b607f8713dba_JaffaCakes118
Size

164KB
MD5

3c1eed95e7ea04f3cef2b607f8713dba
SHA1

51bb415e15631b8e5d4414c347ce6da58da1892a
SHA256

0bd74a8d98987b1a9ef4a5271be72638e7b56e624926a0e8776dc5e4fb9c6d9b
SHA512

5110cdd99fc937c1a70d7fb647e666d4f37af69497640055374b1eef1baba9e308510a618d4e1049a6bc0c10425d43d9725c5142129f12972245ba6722d0762c
SSDEEP

3072:mvZgiywgptbLi17nYerYen5f1Kb+Ur9iVKcI1v2SNvGMXHJZ276Whfl7OYPU:qZhK7yn/rDnWbNjpVNJsDhfkY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c1eed95e7ea04f3cef2b607f8713dba_JaffaCakes118

Files

3c1eed95e7ea04f3cef2b607f8713dba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

903ee506b61fd241c743cb8a2a6a8596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA
GetKeyState
CharNextA
MessageBoxA
wsprintfW
wsprintfA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashA

kernel32

DeleteCriticalSection
GetTempPathW
UnmapViewOfFile
MultiByteToWideChar
GetEnvironmentVariableA
GetStringTypeW
RtlUnwind
GetPriorityClass
GetCPInfo
CreateFileW
LeaveCriticalSection
SetUnhandledExceptionFilter
CreateMutexA
CreateFileMappingA
SetLastError
GlobalFree
GetThreadIOPendingFlag
TlsAlloc
WideCharToMultiByte
GetStdHandle
RaiseException
FileTimeToLocalFileTime
GetCurrentThreadId
TransmitCommChar
ExitThread
GetTempPathA
GetFileType
InterlockedIncrement
FlushFileBuffers
WritePrivateProfileStringA
ReleaseSemaphore
GetCurrentProcess
SetEvent
LoadLibraryW
TerminateProcess
lstrcmpA
WaitForSingleObject
MapViewOfFile
GetCommandLineA
CompareStringA
GetStringTypeA
GlobalUnlock
WriteFile
HeapAlloc
TlsSetValue
GetSystemTime
FreeEnvironmentStringsA
EnterCriticalSection
GetFullPathNameW
CompareStringW
LCMapStringW
HeapCreate
Sleep
GetTempFileNameA
CloseHandle
EnumResourceNamesW
GetDiskFreeSpaceExA
SetStdHandle
FreeEnvironmentStringsW
TlsFree
CreateThread
GetOEMCP
lstrcmpW
GetLastError
GetModuleHandleA
GetACP
HeapDestroy
IsDBCSLeadByte
UnhandledExceptionFilter
ExitProcess
GetThreadPriority
HeapFree
GetModuleFileNameA
lstrcpyA
InterlockedExchange
GetTickCount
ExitProcess
FreeLibrary
IsBadCodePtr
GetTimeZoneInformation
IsBadWritePtr
SetPriorityClass
GetPrivateProfileStringA
GetStartupInfoA
TlsGetValue
HeapReAlloc
InterlockedDecrement
ResetEvent
GlobalAlloc
FileTimeToSystemTime
OutputDebugStringA
GetProcAddress
SetHandleCount
IsBadReadPtr
GetEnvironmentStringsW
CreateSemaphoreA
SetEndOfFile
HeapSize
InitializeCriticalSection
GetEnvironmentStrings
GetFullPathNameA
LCMapStringA
GetUserDefaultLCID
LoadLibraryA
SetEnvironmentVariableA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

903ee506b61fd241c743cb8a2a6a8596

Headers

File Characteristics

Imports

user32

msimg32

shlwapi

kernel32

advapi32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.crt
Size: 512B - Virtual size: 72KB