3c57df0948490488500e10775a24ccc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c57df0948490488500e10775a24ccc3_JaffaCakes118
Size

728KB
MD5

3c57df0948490488500e10775a24ccc3
SHA1

660579f3f5614ce431e53b95adf79c6c52c6fa31
SHA256

2e491efc35fc76ab51302989777f13e19cfea7e5600ad9ff99608e89209ebf02
SHA512

81956d45473c430e28286dd260a25646568928a09caeb220770646024f86ae8cbcbd6f8bdaf66ee05193d3c013c872bfc0625e712b79c05cfaa93008ff47e66e
SSDEEP

12288:szAWLK6QgjABt4x3sJ702fEiGvVESZ271rOUSXkHuYmzTD4jOdiWAIyc2Ze:szA0KLFJf0ESc71KUSXkxm/D4w8Iyne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c57df0948490488500e10775a24ccc3_JaffaCakes118

Files

3c57df0948490488500e10775a24ccc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb881fa4bb7093645edaa693c47c87eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
GetGUIThreadInfo
EndDialog
GetMenuStringW
SubtractRect
CloseWindowStation
BroadcastSystemMessage
DeferWindowPos
CopyAcceleratorTableW
LoadStringA
GetMessageA
DefWindowProcA
DrawStateW
DragDetect
SendMessageTimeoutW
CreateWindowExA
MessageBoxW
CreateDialogParamW
CharLowerA
DdeUninitialize
SetMenuItemBitmaps
GetDlgItemTextW
ShowWindow
GetIconInfo
GetTabbedTextExtentW
DestroyWindow
RegisterClassExA
GetDCEx
DialogBoxIndirectParamA
GetClipboardData
LoadCursorFromFileA
UnregisterClassW
SetDoubleClickTime
SetMenuContextHelpId
GetNextDlgTabItem
GetClassWord

comctl32

ImageList_GetImageRect
ImageList_EndDrag
CreateMappedBitmap
CreateToolbarEx
ImageList_GetImageInfo
ImageList_DrawEx
DrawStatusText
ImageList_LoadImageW
ImageList_GetIcon
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_GetIconSize
GetEffectiveClientRect
DestroyPropertySheetPage
ImageList_LoadImage

kernel32

HeapDestroy
TerminateThread
GetSystemDefaultLCID
EnumDateFormatsA
GetTimeFormatA
VirtualFreeEx
GetACP
TlsAlloc
CreateFileA
FindAtomA
GetCommandLineA
GetCPInfo
IsDebuggerPresent
lstrcmp
SetEvent
IsBadReadPtr
ReadFile
GetDateFormatA
SetUnhandledExceptionFilter
SetConsoleTextAttribute
VirtualAlloc
GetCurrentProcess
QueryPerformanceCounter
GetUserDefaultLCID
WriteConsoleW
WaitForDebugEvent
CompareStringA
WideCharToMultiByte
FlushFileBuffers
GetVolumeInformationW
LocalHandle
CreateMailslotW
GetExitCodeProcess
GetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetModuleHandleW
SetConsoleCtrlHandler
WriteProfileStringA
SetStdHandle
DeleteFiber
GlobalGetAtomNameW
DebugBreak
IsValidCodePage
CommConfigDialogW
CloseHandle
GetEnvironmentStrings
GetTimeZoneInformation
RtlMoveMemory
SetConsoleActiveScreenBuffer
GetStdHandle
WritePrivateProfileSectionA
InterlockedIncrement
SetLastError
FreeEnvironmentStringsW
GetConsoleCP
lstrcat
GetTempPathA
HeapCreate
FreeLibrary
CreateDirectoryA
CreateMutexA
TerminateProcess
lstrcmpi
FreeEnvironmentStringsA
TlsSetValue
GetLocaleInfoW
MultiByteToWideChar
GetFileTime
OpenEventA
WaitForSingleObjectEx
GetModuleFileNameW
OutputDebugStringW
CreateWaitableTimerW
GetPrivateProfileStringA
RtlUnwind
GetPrivateProfileIntW
lstrcpy
GetProcessHeap
InterlockedExchange
lstrlenA
GetFileType
GetLocaleInfoA
OutputDebugStringA
VirtualAllocEx
EnterCriticalSection
GetConsoleTitleW
OpenWaitableTimerA
Sleep
GetModuleHandleA
MoveFileW
UnhandledExceptionFilter
GetDriveTypeW
InterlockedDecrement
RaiseException
DeleteCriticalSection
GlobalFlags
IsValidLocale
SetEnvironmentVariableA
GetCommandLineW
SetFilePointer
GetConsoleOutputCP
HeapSize
VirtualQueryEx
CompareFileTime
TlsGetValue
MapViewOfFileEx
GetModuleFileNameA
ExpandEnvironmentStringsW
LCMapStringA
CreateFileMappingW
TransactNamedPipe
HeapAlloc
LoadLibraryW
GetThreadSelectorEntry
GetStartupInfoA
GetCurrentThread
CompareStringW
GetPrivateProfileSectionW
WriteFile
GetStringTypeW
EnumCalendarInfoExW
GetNumberFormatW
EnumSystemLocalesA
GetCurrencyFormatW
ExitProcess
GetLongPathNameW
GetTickCount
GetCurrentProcessId
AddAtomW
GetProcAddress
EnumSystemCodePagesA
LCMapStringW
UnlockFileEx
SetThreadContext
GetAtomNameW
HeapValidate
GetOEMCP
LeaveCriticalSection
GetSystemTimeAsFileTime
VirtualFree
GetPrivateProfileSectionNamesA
WriteConsoleA
GetEnvironmentStringsW
HeapReAlloc
HeapFree
TlsFree
WriteProfileSectionW
WriteProfileSectionA
LoadLibraryA
GetTempPathW
GetEnvironmentVariableW
GetConsoleMode
GetStringTypeA
VirtualQuery
SetHandleCount
OpenMutexA

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb881fa4bb7093645edaa693c47c87eb

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 292KB - Virtual size: 289KB

.data Size: 112KB - Virtual size: 121KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 292KB - Virtual size: 289KB

.data
Size: 112KB - Virtual size: 121KB

.rsrc
Size: 24KB - Virtual size: 22KB