3ca52df8952576430a49031d8c691a7e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3ca52df8952576430a49031d8c691a7e_JaffaCakes118
Size

152KB
MD5

3ca52df8952576430a49031d8c691a7e
SHA1

4a9b82c24563cac686ca1078331f56e453ef2697
SHA256

04305ad8d2020e86bf012c955539f9f465515fbb184915bcaaca1ef852d76245
SHA512

5c9c79944d9addb6e1e3b02edca3a828c497d727c6b6476a5eeae94432072cc25cc3001cf3e85ade2b643b3095f7903449abeaed2481a7749df47e5186282bc8
SSDEEP

3072:drb7lkh/IdUgLTHujTnXanHIP6llhZ1FvgG:VHih/8UgQanHICHhh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca52df8952576430a49031d8c691a7e_JaffaCakes118

Files

3ca52df8952576430a49031d8c691a7e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cec7f8880cacfb658e6dbbea7a68059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lwrite
GetProfileStringA
MultiByteToWideChar
GlobalReAlloc
lstrcmpiA
MulDiv
AreFileApisANSI
GetModuleFileNameA
DebugBreak
LoadLibraryA
GetProcAddress
_llseek
WritePrivateProfileStringA
FreeLibrary
GetVersionExA
SetFileApisToANSI
GetPrivateProfileStringA
GetPrivateProfileIntA
WinExec
lstrlenA
lstrcpyA
lstrcatA
GlobalFree
OpenFile
_lread
_lclose
GlobalLock
GetSystemTime
InterlockedDecrement
SetEndOfFile
SetFilePointer
CreateFileA
ReadFile
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
CloseHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedIncrement
GlobalUnlock
CompareStringW
DeleteFileA
GlobalAlloc
WriteFile
GetStdHandle
HeapAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetDriveTypeA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
MoveFileA
GetLastError
GetCurrentProcess
TerminateProcess
ExitProcess
GetLocalTime
GetTimeZoneInformation
HeapValidate
IsBadReadPtr
IsBadWritePtr
OutputDebugStringA
CompareStringA
GetTickCount

user32

SetCursor
CreateWindowExA
wsprintfA
RegisterClassA
LoadIconA
DestroyWindow
EndDialog
PostQuitMessage
CreateDialogIndirectParamA
DefWindowProcA
FillRect
GetClientRect
UpdateWindow
ShowWindow
SetWindowPos
PostMessageA
EnableWindow
GetDlgItem
GetFocus
InvalidateRect
EndPaint
GetWindowLongA
BeginPaint
SetWindowLongA
GetWindowTextA
GetSysColor
DrawIcon
DialogBoxIndirectParamA
GetMessageA
LoadStringA
ReleaseDC
GetDC
DefDlgProcA
DrawTextA
DrawFocusRect
InflateRect
PeekMessageA
SendDlgItemMessageA
SendMessageA
CheckDlgButton
CheckRadioButton
SetDlgItemTextA
IsDlgButtonChecked
IsWindowEnabled
GetDlgItemTextA
MessageBeep
GetDesktopWindow
wvsprintfA
CallWindowProcA
GetWindowWord
GetWindowRect
ScreenToClient
LoadBitmapA
SetTimer
SetFocus
SetWindowTextA
KillTimer
GetClassInfoA
IsWindowVisible
GetParent
PtInRect
GetCursorPos
ReleaseCapture
GetAsyncKeyState
SetCapture
SetCursorPos
ClientToScreen
IsDialogMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
GetSystemMetrics
LoadCursorA

gdi32

SetTextAlign
RealizePalette
SelectPalette
SelectObject
GetObjectA
DeleteDC
CreateCompatibleDC
DeleteObject
GetStockObject
StretchBlt
TextOutA
SetBkMode
LineTo
MoveToEx
CreatePen
CreateFontA
GetDeviceCaps
SetTextColor
CreateSolidBrush
SetBkColor
BitBlt
FloodFill

winmm

mciSendStringA

cram32

ord6

iq_com32

ord19
ord120
ord5
ord4
ord31
ord3
ord8
ord7
ord30
ord91
ord22
ord9
ord13
ord6
ord92
ord15
ord2
ord12
ord14
ord80
ord20
ord32
ord23

sslib32

PipeLineLoadBitmap

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cec7f8880cacfb658e6dbbea7a68059

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

cram32

iq_com32

sslib32

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 34KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 34KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB