3dd03346c6513ab77fac0e9d1ef41ec8_JaffaCakes118

General

Target

3dd03346c6513ab77fac0e9d1ef41ec8_JaffaCakes118
Size

431KB
MD5

3dd03346c6513ab77fac0e9d1ef41ec8
SHA1

0e4adeb59918b616f8664eae2386749b7bd4ccb2
SHA256

870c59dce3acf93e30e11dd68afea0de2e8b47c8d226e75f5478ff1918539f9c
SHA512

972284e8c174f9b418b25f57b63feea9bae2f372f7246f83077d3f799ec33c96a26aba5371bf84457f96c98c94c40ac6049e135464403769696c206cf0be7c35
SSDEEP

12288:NfXP7BqK4OOZEULlGjfX2xnLto9AM4TKBhP:Nff7N4O4LkQC9uTKBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd03346c6513ab77fac0e9d1ef41ec8_JaffaCakes118

Files

3dd03346c6513ab77fac0e9d1ef41ec8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

544d6121dc6f886cd421af5f8d4a4633

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileSectionW
lstrcmpW
CreateThread
ExitProcess
GetModuleHandleA
Heap32ListNext
Sleep
GetModuleHandleW
VirtualFree
LocalSize
lstrlenA
WriteFile
lstrlenW
ResetEvent
CopyFileExW
GetCurrencyFormatW
SignalObjectAndWait
ResumeThread
GetStartupInfoW
lstrcmpiA
GetFileSize
Module32Next
lstrcmpiW
CreateConsoleScreenBuffer
OpenFileMappingA
VirtualAlloc
GetFileInformationByHandle
GetSystemTime
GetLocalTime
lstrcmpA
GetTempPathW

gdi32

EnumFontsA
SetBkMode
GetTextExtentExPointW
CreateCompatibleBitmap
GetWinMetaFileBits
GetBitmapDimensionEx
CreateColorSpaceA
AngleArc
CreatePen
CreateFontA

user32

DdeFreeDataHandle
SwapMouseButton
EnumPropsW
LoadIconA
CreateMenu
RegisterClassA
IsCharAlphaA
FlashWindow
DispatchMessageW
CheckMenuItem
GetKeyNameTextA
DlgDirSelectComboBoxExA
GetClassNameA
GetSystemMenu
GetDlgItemTextA
TabbedTextOutW

msvcrt

wcslen
_mbsspn
_commode
__p__winver
_fgetwchar
__toascii
_ismbclower
_strtime
calloc
_memccpy
exp
wcsstr
strtod
_heapchk
_CIatan
tmpfile
_mbsstr

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pstk
Size: 164KB - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbdpa
Size: 195KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.efnqs
Size: 66KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

544d6121dc6f886cd421af5f8d4a4633

Headers

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

Sections

.text Size: 4KB - Virtual size: 5KB

.pstk Size: 164KB - Virtual size: 433KB

.dbdpa Size: 195KB - Virtual size: 314KB

.efnqs Size: 66KB - Virtual size: 246KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 5KB

.pstk
Size: 164KB - Virtual size: 433KB

.dbdpa
Size: 195KB - Virtual size: 314KB

.efnqs
Size: 66KB - Virtual size: 246KB

.reloc
Size: 1024B - Virtual size: 1KB