3c0e1d819fd180f305cfedba2c59eac1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c0e1d819fd180f305cfedba2c59eac1_JaffaCakes118
Size

384KB
MD5

3c0e1d819fd180f305cfedba2c59eac1
SHA1

37d1e15196ef6a096e82993318d65aa1292241ae
SHA256

0bb529d89644124a744e302068749f1cad947d22aab3b0259e851ad067eed0b4
SHA512

430e97959881586739c22c468fba5ee13dc14f9fb78305dac58a7b28a45fff32ddd389da7a7a7d29fccf0610299b3c185521e7f5487f8e9162674a2b9d10ed9c
SSDEEP

6144:W3nAWqk5Amhi7rFjloJ2VVCLJEo0fB9V+zb4jFeTWpcc7tjU:0ndqkqVrFjTMJEoM+IiWR5jU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c0e1d819fd180f305cfedba2c59eac1_JaffaCakes118

Files

3c0e1d819fd180f305cfedba2c59eac1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3c38e0e8e4cc902529a46c58056b20c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetViewportExtEx
GdiGetBatchLimit
GetPixel
SetPaletteEntries

comctl32

ImageList_Destroy
CreateToolbarEx
MakeDragList
ImageList_Create
ImageList_SetImageCount
ImageList_SetFlags
ImageList_Write
ImageList_DragShowNolock
ImageList_Replace
ImageList_GetImageRect
InitCommonControlsEx
ImageList_BeginDrag
CreateStatusWindowW
ImageList_Remove
DrawInsert
CreateStatusWindowA
CreatePropertySheetPageW
DrawStatusText

advapi32

RegDeleteValueW
RegFlushKey
LookupPrivilegeValueA
ReportEventW
LookupPrivilegeValueW
RegOpenKeyA
DuplicateToken

kernel32

MoveFileA
VirtualFreeEx
CopyFileExA
FlushFileBuffers
WriteConsoleA
ReadConsoleOutputW
lstrcpyW
SetFilePointer
DeleteCriticalSection
OpenFileMappingA
OpenEventA
GetLongPathNameA
VirtualAlloc
TlsFree
GetCalendarInfoW
SetConsoleOutputCP
PulseEvent
EnumCalendarInfoA
GlobalAddAtomW
GetNamedPipeHandleStateA
FillConsoleOutputCharacterA
GetEnvironmentStringsA
SetConsoleActiveScreenBuffer
GetTimeZoneInformation
WriteConsoleOutputW
GetCurrentThread
EnumResourceLanguagesA
IsDebuggerPresent
RemoveDirectoryW
WritePrivateProfileStringW
LCMapStringW
GetStdHandle
EnumResourceLanguagesW
CreateWaitableTimerW
InterlockedDecrement
HeapReAlloc
CreateProcessA
MoveFileExA
HeapSize
VirtualProtect
TerminateProcess
WritePrivateProfileSectionW
IsValidLocale
TlsSetValue
FormatMessageW
LockFileEx
HeapFree
HeapAlloc
FindResourceExA
GetVersionExA
UnmapViewOfFile
GetShortPathNameA
GetCurrentProcessId
OpenMutexA
GetPrivateProfileStructW
LCMapStringA
InitializeCriticalSection
SetHandleCount
FileTimeToDosDateTime
GetUserDefaultLCID
CreateEventA
GetCurrentThreadId
IsValidCodePage
CreateMutexA
GetModuleFileNameA
GetStartupInfoA
SetEnvironmentVariableA
GetStartupInfoW
GetLastError
GetNamedPipeInfo
LoadLibraryA
GetModuleFileNameW
VirtualFree
GetCommandLineA
MoveFileW
FindAtomA
EnumSystemLocalesA
SetConsoleScreenBufferSize
RtlUnwind
GetProcAddress
GetStringTypeW
GetSystemInfo
WaitCommEvent
GetLocaleInfoW
GetProcessAffinityMask
GetCPInfo
GetPrivateProfileStringA
WideCharToMultiByte
GetSystemTimeAsFileTime
EnterCriticalSection
FindResourceA
GetTimeFormatW
GlobalDeleteAtom
IsBadWritePtr
WriteProfileSectionA
SetThreadPriority
GetFileType
FindClose
ReadConsoleInputA
TlsAlloc
QueryPerformanceCounter
GetStringTypeA
EnumSystemCodePagesW
GetOEMCP
GetModuleHandleA
MultiByteToWideChar
SetStdHandle
GetTimeFormatA
EnumResourceNamesA
GetProcessHeaps
SetLastError
CloseHandle
FreeEnvironmentStringsW
Sleep
FindNextFileW
FreeEnvironmentStringsA
HeapCreate
GetDiskFreeSpaceExW
GetACP
CopyFileA
RaiseException
LeaveCriticalSection
GetProfileIntW
UnhandledExceptionFilter
GetDateFormatA
SetVolumeLabelW
OpenWaitableTimerA
GetTickCount
lstrlen
GetCommandLineW
CompareStringA
GetThreadPriorityBoost
WriteFile
EnumResourceTypesW
HeapDestroy
ExpandEnvironmentStringsW
ReadFile
GlobalFree
GetShortPathNameW
LocalUnlock
GetEnvironmentStrings
OpenMutexW
CompareStringW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
lstrcmpiW
TlsGetValue
InterlockedExchange
ExitProcess
GetLocaleInfoA
GetCurrentProcess

user32

RegisterClassExA
OemToCharA
ShowWindow
UnpackDDElParam
AppendMenuA
DdeKeepStringHandle
SetWinEventHook
LoadMenuW
FindWindowExA
SetWindowsHookExW
DrawTextW
RegisterClipboardFormatW
GetMenuItemCount
CallMsgFilterA
GetClipboardFormatNameW
DefWindowProcA
GetActiveWindow
PackDDElParam
GetWindowRect
WINNLSGetIMEHotkey
IsCharAlphaW
RegisterClassA
MessageBoxW
GetKeyboardLayoutNameW
DrawMenuBar
BeginDeferWindowPos
EndDeferWindowPos
LoadMenuIndirectW
ReuseDDElParam
DdeAbandonTransaction
EnableScrollBar
SendInput
DestroyWindow
GetMenuItemID
LoadCursorFromFileA
FindWindowW
CreateWindowExA
DeleteMenu
CharLowerBuffA

shell32

CheckEscapesW
SHUpdateRecycleBinIcon

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3c38e0e8e4cc902529a46c58056b20c

Headers

File Characteristics

Imports

gdi32

comctl32

advapi32

kernel32

user32

shell32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 96KB - Virtual size: 121KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 96KB - Virtual size: 121KB

.rsrc
Size: 68KB - Virtual size: 64KB