3c4ed44c29f1ae8b346c0ebade92c6da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c4ed44c29f1ae8b346c0ebade92c6da_JaffaCakes118
Size

183KB
MD5

3c4ed44c29f1ae8b346c0ebade92c6da
SHA1

0ab8d7b578d5bc7c2f0c733e93739b0df040c5bd
SHA256

4e66cb523d8f809eda779ce6acdd23172e8bd03084bb8c976bcf3792a461d433
SHA512

28692118cd39a58bf6c047e7cf3149fc3af41a6ff19978df659dbf98972976f5e421639cf0fd71c2a1461b5d3484971cecdaaf767b507b3506b740125d1881e5
SSDEEP

3072:RIL4cewfF6FmgF63CLjPentd85YPx37jfA0YC5HE9WVHzYmQWuB:RMY4FobF63OutzPV3fpYCxMkH7u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4ed44c29f1ae8b346c0ebade92c6da_JaffaCakes118

Files

3c4ed44c29f1ae8b346c0ebade92c6da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a273b6b8e7b4ffae0995b9f0afd3530

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoCreateInstance
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoInitialize
OleFlushClipboard
CoRetireServer
CoUninitialize
CoRevokeClassObject
CoTaskMemFree
CLSIDFromProgID
OleIsCurrentClipboard
OleInitialize
OleUninitialize
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW

shlwapi

PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW

gdi32

GetMapMode
SetWindowExtEx
SetViewportOrgEx
ScaleViewportExtEx
DeleteDC
ExtSelectClipRgn
OffsetViewportOrgEx
PtVisible
ScaleWindowExtEx
Escape
GetDeviceCaps
RectVisible
ExtTextOutW
GetStockObject
SelectObject
GetTextColor
TextOutW
GetBkColor
GetRgnBox

kernel32

RemoveDirectoryW
GetCalendarInfoW
CreateDirectoryW
SystemTimeToFileTime
GetSystemDefaultLangID
InterlockedDecrement
FindNextFileW
GetLocaleInfoW
LocalFileTimeToFileTime
ReadFile
DeleteFileW
lstrcpyW
GetCurrentProcessId
LoadLibraryW
GetFileAttributesW
MultiByteToWideChar
EnumResourceNamesA
SetFileTime
GetModuleFileNameW
SetFilePointer
ExitProcess
EnumResourceLanguagesW
CreateFileW
ConvertDefaultLocale
GetVersion
WriteFile
FindFirstFileW
MoveFileW
WideCharToMultiByte
FindClose
GetCurrentDirectoryW
GetProcAddress

user32

CharNextW
RegisterWindowMessageW
SetRect
GetNextDlgTabItem
InvalidateRgn
GetNextDlgGroupItem
GetPropW
IsRectEmpty
InvalidateRect
GetClassLongW
SetPropW
WinHelpW
CreateWindowExW
MessageBeep
GetClassInfoExW
CopyAcceleratorTableW
RemovePropW
SendDlgItemMessageA
CharUpperW
DestroyMenu

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a273b6b8e7b4ffae0995b9f0afd3530

Headers

File Characteristics

Imports

oleacc

ole32

shell32

advapi32

shlwapi

gdi32

kernel32

user32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 372KB