3d7e54c431b2e945e5c93c0d642215a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d7e54c431b2e945e5c93c0d642215a1_JaffaCakes118
Size

763KB
MD5

3d7e54c431b2e945e5c93c0d642215a1
SHA1

623bb0a0ca8d40f3f6a60c9ab778de9461079e13
SHA256

0f5dbfbd7c41caf0b2838c250b78a9242a42ded6ecd8bcc2ebb763955cc65918
SHA512

fac574161ff36e6675106e3d6ce888b816736ea6bc224d51cefbcf3c565f03d96a174385aa0643b7331f6088452002d185e49fc2acd6f5a460eb02a4a165d79f
SSDEEP

12288:sVL2pCezU3NDHFHytljrDy4a1txPVcK7YMbFaQybeX2x8v9bMhZ/E9QG/5i8:3BkL1KtrO4GxNcWYMhLybu2+v9b4tG/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d7e54c431b2e945e5c93c0d642215a1_JaffaCakes118

Files

3d7e54c431b2e945e5c93c0d642215a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

76aadce2f2b999d38267eaba424d6e6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
Shell_NotifyIconW

rpcrt4

RpcBindingFromStringBindingW
RpcStringFreeW
RpcImpersonateClient
RpcBindingFree

msvcrt

__set_app_type

ole32

WriteFmtUserTypeStg

comdlg32

GetOpenFileNameA
PrintDlgA

wininet

FtpSetCurrentDirectoryW

kernel32

lstrcmpiW
FindNextFileW
CloseHandle
GlobalAlloc
FindClose
GetModuleFileNameW
CreateEventW
SetLastError
GlobalLock
LoadResource
FlushFileBuffers
GetFullPathNameW
HeapAlloc
GetThreadLocale
GetStringTypeExW
FindResourceW
MulDiv
GlobalUnlock
GetFileAttributesW
HeapFree
WideCharToMultiByte
GetProcessHeap
LockResource
CopyFileW
lstrlenA
ResetEvent
FormatMessageW
Sleep
GetVersionExW
SetFilePointer
GetLastError
GetSystemInfo
SizeofResource
HeapReAlloc
DeleteFileW
CreateProcessW
GlobalFree
MoveFileW
GlobalSize
GetShortPathNameW
WriteFile
GetFileAttributesA
VirtualAlloc
lstrcpyA
ReadFile
lstrlenW
FindFirstFileW
GetUserDefaultLCID
WaitForSingleObject

user32

CopyRect
GetActiveWindow
GetClassNameW
SetDlgItemTextW
GetMenuStringW
SetFocus
IsDialogMessageW
DrawTextW
SetScrollRange
DeferWindowPos
CreateDialogParamW
IsWindowVisible
PostQuitMessage
EndPaint
GetCursorPos

ws2_32

WSAGetLastError

Sections

.data
Size: 415KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76aadce2f2b999d38267eaba424d6e6d

Headers

DLL Characteristics

File Characteristics

Imports

shell32

rpcrt4

msvcrt

ole32

comdlg32

wininet

kernel32

user32

ws2_32

Sections

.data Size: 415KB - Virtual size: 2.0MB

.rsrc Size: 164KB - Virtual size: 164KB

.text Size: 107KB - Virtual size: 106KB

.reloc Size: 512B - Virtual size: 24B

.rdata Size: 74KB - Virtual size: 74KB

.data
Size: 415KB - Virtual size: 2.0MB

.rsrc
Size: 164KB - Virtual size: 164KB

.text
Size: 107KB - Virtual size: 106KB

.reloc
Size: 512B - Virtual size: 24B

.rdata
Size: 74KB - Virtual size: 74KB