3d8b390ec4cd98215d79a6a04e52e284_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d8b390ec4cd98215d79a6a04e52e284_JaffaCakes118
Size

98KB
MD5

3d8b390ec4cd98215d79a6a04e52e284
SHA1

b5b2c15378bc52472a0b0576e5f40a0de78e115e
SHA256

18f4d799fb14d57ab21e04f436ca74c15efa629c91f73771fd1de35260b8f9c0
SHA512

93fe373fdc292bb0b1169674610133d91ac70ad2fbf89226387f3e5bb5a6460b407cd61cbdaef4beabf91818f221b308a5a6542851307d66d438f249d027b9f6
SSDEEP

1536:vU8HqPaa5QFfVGIVhe0cqycoYeHIEPy4WiPSOvfWVChvJElu4M9PJUxvBxP6W1bu:XOm9V1PvlpkdOyfWCh0uTRwrSU0rV7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d8b390ec4cd98215d79a6a04e52e284_JaffaCakes118

Files

3d8b390ec4cd98215d79a6a04e52e284_JaffaCakes118
.exe windows:3 windows x86 arch:x86

3d1587aaab89b13a7ef9541426222e70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FatalAppExitA
GetProcAddress
OpenEventA
lstrcmpiW
ExitThread
GetACP
GetTempPathA
OpenEventW
GetDiskFreeSpaceA
lstrcpyA
SetEvent
GetModuleHandleA
lstrcmpW
ConnectNamedPipe
GetVersionExA
CreateEventA
lstrcpyW
GlobalAlloc
GetCurrentProcessId
GetStartupInfoW
LocalFree
CreateEventW
GetComputerNameA
lstrcpynW
CopyFileExA
CopyFileExW

user32

RemoveMenu
LoadMenuA
SetParent
GetMenuItemRect
SetWindowLongW
GetWindowTextLengthA
CheckMenuItem
GetWindowTextLengthW
GetWindowLongA
InsertMenuItemA
SetDlgItemTextA
DestroyWindow
InsertMenuW
LoadCursorA
GetForegroundWindow
InsertMenuItemW
GetKeyboardType
GetMenuItemCount

gdi32

SetBkColor
ExtTextOutW
GetObjectW
TextOutW
CreateCompatibleDC

advapi32

RegOpenKeyExA
RegReplaceKeyW

comdlg32

GetOpenFileNameA
GetSaveFileNameW
ChooseFontW
PageSetupDlgA

shell32

ShellExecuteA

ole32

OleUninitialize
CoGetCallerTID
CoGetDefaultContext

version

VerQueryValueA

ws2_32

WSAEventSelect
ioctlsocket

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d1587aaab89b13a7ef9541426222e70

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

shell32

ole32

version

ws2_32

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 62KB - Virtual size: 62KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 292B

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 62KB - Virtual size: 62KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 292B