3d46ba252a00f1ebfc7d00ff45605ecc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d46ba252a00f1ebfc7d00ff45605ecc_JaffaCakes118
Size

2.0MB
MD5

3d46ba252a00f1ebfc7d00ff45605ecc
SHA1

a759af7890e68b138ef62227ff80ad42acdee553
SHA256

f723910bae131ac8c267782e53207de109468fcc3de5662ffa43d3aae820cf31
SHA512

33f98aa74e4f01203b2c396ac6476fa72b511baf2ec12c1723090892b1332e0eef5471b4174fa3802c22384661ea8d7e9a985f48be74f0851a087de107371f8e
SSDEEP

49152:qv8YV/cSC9TnfWOvYPuzTit4ugyfAq4D/bZ+1m:0pcSYTn+OUngmAq4XZ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d46ba252a00f1ebfc7d00ff45605ecc_JaffaCakes118

Files

3d46ba252a00f1ebfc7d00ff45605ecc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54c9fc836bf2d51b99a45d9c87c45c94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePen
CreateCompatibleBitmap
CreateDIBSection
GetTextExtentPointW
SetMapMode
LineTo
GetTextExtentPoint32W
CreateRectRgnIndirect
ExtTextOutW
GetDeviceCaps
RestoreDC
Rectangle
GetBitmapBits
TextOutA
GetTextColor
Rectangle
CreateFontIndirectA
CreateHalftonePalette
PtVisible

msvcrt

wcsncpy
exit
_cexit
_onexit

ole32

CoGetInterfaceAndReleaseStream
CoFreeUnusedLibraries
CoInitializeEx
CreateBindCtx
CoSetProxyBlanket
IIDFromString

user32

EnableWindow
CheckRadioButton
EndDialog
GetClientRect
IsDlgButtonChecked
GetKeyState
GetFocus
SystemParametersInfoA
DeleteMenu
GetMessagePos
CharUpperW

ntdll

RtlInitString
RtlUnicodeStringToInteger
NtEnumerateValueKey
RtlAllocateAndInitializeSid
NtWaitForSingleObject
RtlCreateUnicodeString
NtOpenFile
wcstoul
RtlCompareUnicodeString
NtQueryKey

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegQueryValueExA
RegEnumValueW
RegOpenKeyExW
FreeSid
RegDeleteKeyW
InitializeSecurityDescriptor

kernel32

GetCommandLineW
LoadLibraryW
GetLocaleInfoA
VirtualAlloc
GetCurrentProcessId
GetStartupInfoW
CreateMutexA
VirtualFree
GetCurrentDirectoryW
GetConsoleOutputCP
GetFullPathNameW
OutputDebugStringW
FlushFileBuffers
GetTimeFormatA
GetCurrentProcess
FindNextFileA
ExitProcess
GetModuleHandleW
GetCurrentProcess
VirtualAlloc
GetModuleHandleW
GetStartupInfoW
LeaveCriticalSection
GetCurrentProcessId
VirtualFree
ExitProcess
GetCommandLineW

Sections

.text
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 954KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 965KB - Virtual size: 965KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54c9fc836bf2d51b99a45d9c87c45c94

Headers

File Characteristics

Imports

gdi32

msvcrt

ole32

user32

ntdll

version

advapi32

kernel32

Sections

.text Size: 12KB - Virtual size: 13KB

.data Size: 68KB - Virtual size: 69KB

.rdata Size: 954KB - Virtual size: 6.4MB

.idata Size: 965KB - Virtual size: 965KB

.rdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 74KB - Virtual size: 74KB

.text
Size: 12KB - Virtual size: 13KB

.data
Size: 68KB - Virtual size: 69KB

.rdata
Size: 954KB - Virtual size: 6.4MB

.idata
Size: 965KB - Virtual size: 965KB

.rdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 74KB - Virtual size: 74KB