3c37570515e7a199cd5eacf6f16257f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c37570515e7a199cd5eacf6f16257f3_JaffaCakes118
Size

764KB
MD5

3c37570515e7a199cd5eacf6f16257f3
SHA1

2e2be8514c283b1ead9f6f18f961dde4f5f24390
SHA256

7e18d72d0dce892754a1f264efceacce3d5544c797c8f267e402bf70a8e22fdf
SHA512

6245d5bb7a6930a13decb36e4789015050adfd148e8590b8a1689203d9038eac3e0b5e93f9e01721c1a93cdc18977e68559c214f0866a0a64e7907f1eb71ccc8
SSDEEP

12288:U0/zSknQsmbFlXTPhvHA7azeJ6EXJu2r25:8tbFR9A7aC7XJu2r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c37570515e7a199cd5eacf6f16257f3_JaffaCakes118

Files

3c37570515e7a199cd5eacf6f16257f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d20a9e341245699775e8760818473a10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GlobalAlloc
GetProcAddress
LoadLibraryA
SetErrorMode
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
IsDBCSLeadByte
GetACP
GetCPInfo
Sleep
WaitForMultipleObjects
CreateThread
ExitThread
WinExec
CopyFileA
WriteFile
SetEndOfFile
DeleteFileA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
CloseHandle
GlobalUnlock
GlobalLock
GetModuleFileNameA
GetCommandLineA
GetModuleHandleA
ExitProcess
lstrlenA
GetStartupInfoA
CreateProcessA
EnterCriticalSection
GlobalFree
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter

user32

SetTimer
GetFocus
SetCapture
ReleaseCapture
SetCursor
EndPaint
BeginPaint
MessageBoxA
DeleteMenu
ClientToScreen
TrackPopupMenu
GetCapture
GetCursorPos
WindowFromPoint
ScreenToClient
MapVirtualKeyA
CheckMenuItem
InvalidateRect
PostMessageA
GetDlgItemTextA
EnableWindow
SetDlgItemTextA
SetFocus
GetClientRect
GetMenu
SetMenu
GetDesktopWindow
MoveWindow
DialogBoxParamA
FillRect
KillTimer
EnableMenuItem
PostQuitMessage
LoadMenuA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
TranslateMessage
DispatchMessageA
TranslateAcceleratorA
GetWindow
GetWindowRect
SetWindowPos
GetWindowLongA
DefWindowProcA
IsWindow
DestroyWindow
CreateWindowExA
SetWindowLongA
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
GetKeyState
EmptyClipboard
SetClipboardData
EndDialog
GetSubMenu
LoadStringA
OpenClipboard
GetClipboardData
CloseClipboard
GetDC
ReleaseDC
GetWindowTextLengthA
GetDlgItem
DestroyMenu

gdi32

SetPolyFillMode
StrokePath
ExtCreatePen
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
GdiFlush
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetDeviceCaps
EndPath
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
ExtTextOutA
SetBkColor
GetBkColor
SetTextAlign
SetBkMode
SetTextColor
SelectClipRgn
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32A
GetTextMetricsA
GetTextAlign
GetBkMode
GetTextColor
IntersectClipRect
GetClipRgn
CreateRectRgn
CreateFontIndirectA
DPtoLP
GetObjectA
RealizePalette
StartDocA
LPtoDP
StartPage
EndPage
EndDoc
BeginPath
CreatePalette
SelectPalette
GetSystemPaletteEntries
FillPath
SelectClipPath
PolyBezierTo
GetClipBox
SaveDC
RestoreDC
CreateSolidBrush

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

advapi32

RegSetValueA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

winmm

timeKillEvent
timeSetEvent
waveOutReset
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
waveOutGetDevCapsA
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutOpen

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d20a9e341245699775e8760818473a10

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

winmm

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 12KB - Virtual size: 17KB

.data1 Size: 4KB - Virtual size: 176B

.rsrc Size: 40KB - Virtual size: 37KB

.rrdata Size: 60KB - Virtual size: 60KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 12KB - Virtual size: 17KB

.data1
Size: 4KB - Virtual size: 176B

.rsrc
Size: 40KB - Virtual size: 37KB

.rrdata
Size: 60KB - Virtual size: 60KB