3d5e62993836354843364422c4938573_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d5e62993836354843364422c4938573_JaffaCakes118
Size

640KB
MD5

3d5e62993836354843364422c4938573
SHA1

ee89a48bc0d2197f423163690a0d5e391d052786
SHA256

b4dbbc064e0a0b83f37675c87a02e75370a11022e162bfff15c4f9374b6372a8
SHA512

fb97e708bf2c85b78af52242086c2384d426eaca3a508bcd7b5b40cf8af46cafad1d360ba0f8d748592500a52e65bd7678d10f2ce7335f82dd2841e0c00fdcc6
SSDEEP

12288:GceFXrUeoQoIrOuo3lMjH6epxiuTVai72xCy2zRkda:GcUnrOtIa8xiUKxRa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5e62993836354843364422c4938573_JaffaCakes118

Files

3d5e62993836354843364422c4938573_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f3ed1aab0c17512d1f38ffb297a3067

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuW
CreateDialogParamA
DefFrameProcA
SetWindowsHookW
TranslateMessage
EnumDisplaySettingsExW
KillTimer

shell32

SHBrowseForFolderA
Shell_NotifyIconW
DragFinish
SHFileOperationA

version

VerInstallFileA

kernel32

ExpandEnvironmentStringsW
SetConsoleTitleA
FindFirstFileExW
WritePrivateProfileStringW
WriteConsoleOutputCharacterA
SetTimeZoneInformation
VirtualProtect
DeleteCriticalSection
PurgeComm
FindFirstFileA
ScrollConsoleScreenBufferA
FindFirstFileW
SetLastError
QueryDosDeviceA
GlobalFlags
ExitProcess
InitializeCriticalSection
EnumResourceNamesW
PeekNamedPipe
GlobalFindAtomW
GetBinaryTypeA
LoadLibraryExW
VirtualLock
CreateProcessA
ReadConsoleInputW
LocalFileTimeToFileTime
GetDriveTypeW
EnumCalendarInfoW
GetTempPathW
GetCurrentDirectoryW
SetConsoleCursorPosition
GetThreadContext
CreatePipe
AllocConsole
GetHandleInformation
WritePrivateProfileSectionA
DosDateTimeToFileTime
GetACP
GetLargestConsoleWindowSize
CreateIoCompletionPort
ReadDirectoryChangesW
ConnectNamedPipe
GlobalGetAtomNameW
IsValidLocale
CreateWaitableTimerA
WriteFile
GetSystemTime
QueryDosDeviceW
OpenMutexA
lstrcatW
LoadLibraryExA
CreateFileW
EnumResourceNamesA
GenerateConsoleCtrlEvent
SetFileTime
ReadFileScatter

msvcrt

sscanf
iswalnum
_spawnlp
_chmod
_wchmod
wctomb
_mbsncmp
_waccess
atol
_strdup
isupper
puts
isprint
fseek
frexp

Sections

.text
Size: 5KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f3ed1aab0c17512d1f38ffb297a3067

Headers

File Characteristics

Imports

user32

shell32

version

kernel32

msvcrt

Sections

.text Size: 5KB - Virtual size: 221KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 614KB - Virtual size: 613KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 5KB - Virtual size: 221KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 614KB - Virtual size: 613KB

.rsrc
Size: 17KB - Virtual size: 16KB