3cc3ebd162d65cbe2cf2132ddbd69b47_JaffaCakes118

General

Target

3cc3ebd162d65cbe2cf2132ddbd69b47_JaffaCakes118
Size

92KB
MD5

3cc3ebd162d65cbe2cf2132ddbd69b47
SHA1

28282a612b25fa6a623d70079da4b303045cd06b
SHA256

0d37ae027fd17dc238686da29e3134fda82d0b6812ab45237ff56bdc4e934dbb
SHA512

a429027249e00c7bdb8829dd488008dfd23051a2fabc5ac32a07940754db49b4be59bacc7877bbcb357cc32ec1a9861a7d26fcbcc49a2c95e16bf4542610970c
SSDEEP

1536:3CChTlZoa3N47oijxWonSC/7vucHYC5ziA/L5uAnrmB9TDj:3CChTl9HMxV/7vr5zDL7mBxH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc3ebd162d65cbe2cf2132ddbd69b47_JaffaCakes118

Files

3cc3ebd162d65cbe2cf2132ddbd69b47_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30cf6a18c60d5969e5452d5e1193a659

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
lstrcpyW
FindNextChangeNotification
FindFirstFileW
GetLocalTime
LoadResource
GlobalLock
FreeLibrary
SetEndOfFile
CreateFileW
CreateProcessW
SetFilePointer
CloseHandle
GetProcAddress
GetLogicalDrives
WaitForSingleObject
GlobalAddAtomW
SizeofResource
VirtualFree
FindResourceExW
WritePrivateProfileStringW
CancelWaitableTimer
ResumeThread
Sleep
TerminateThread
DuplicateHandle
FileTimeToSystemTime
GlobalDeleteAtom
SetCurrentDirectoryW
GetFileAttributesExW
LoadLibraryA
InterlockedDecrement
GetCurrentThread
GetFileSize
ReadProcessMemory

user32

GetSystemMetrics
DispatchMessageW
GetWindowTextW
RegisterHotKey
SetDlgItemTextW
PostQuitMessage
DrawTextW
SendMessageW
DestroyIcon
GetWindowRect
LoadCursorW
LoadStringW
UpdateWindow
SystemParametersInfoW
PostMessageW
SetForegroundWindow
LoadImageW
IsDlgButtonChecked

gdi32

GetClipBox
SetBkColor
CreateBitmap
SetBkMode
LineTo
CreateICW
CreateFontIndirectW
DeleteDC

advapi32

RegDeleteValueW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor
RegQueryValueExW
RegSetValueExW

Sections

.pyum
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hgjv
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jvfnp
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30cf6a18c60d5969e5452d5e1193a659

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.pyum Size: 80KB - Virtual size: 76KB

.hgjv Size: 4KB - Virtual size: 1KB

.jvfnp Size: 4KB - Virtual size: 22KB

.pyum
Size: 80KB - Virtual size: 76KB

.hgjv
Size: 4KB - Virtual size: 1KB

.jvfnp
Size: 4KB - Virtual size: 22KB