3e21ad2f75a52107f86f1897f1abc2b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e21ad2f75a52107f86f1897f1abc2b1_JaffaCakes118
Size

901KB
MD5

3e21ad2f75a52107f86f1897f1abc2b1
SHA1

c9c2bd689f929f9a09a08264d71979bd755ef4fd
SHA256

36994f517e5eca2fdb4bd0f97256abdee314b5a78017eee43a2ef547e0ddc6fb
SHA512

4387240071652e74f6656c6a8c2f63322494c99e09172b8f35f714f8086032cd70b00ddbb9f266381a451179221e6177b96b1f04af65175acd86c20b71e83d08
SSDEEP

24576:HWbo4QONDlMrAKC0w1L2n49x38ICSUTIa8hI5J:HE9ND6c5w23pNUtJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e21ad2f75a52107f86f1897f1abc2b1_JaffaCakes118

Files

3e21ad2f75a52107f86f1897f1abc2b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f8108b20798c03a081391c4f7b3e43a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
SetWindowPos
IsWindow
GetCursorPos
SendMessageA
DestroyWindow
ShowWindow
EnableWindow
PeekMessageA
LoadStringA
EnableMenuItem
CreateWindowExA
FillRect
GetSystemMetrics
GetWindowRect
IsIconic
PostMessageA
GetDlgItem
ScreenToClient
MessageBoxA
SystemParametersInfoA
CallWindowProcA
SetCursor

kernel32

InterlockedIncrement
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetFileAttributesW
DeleteCriticalSection
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapReAlloc
GetStringTypeW
FreeLibrary
LocalFree
FormatMessageW
InitializeCriticalSection
LoadResource
InterlockedDecrement
GetLastError
GetCurrentThread
GetVersion
GetModuleHandleA
GetCurrentProcessId
GetCommandLineA
GetTickCount
GetCurrentThreadId
ExitProcess
HeapAlloc
GetProcessHeap
VirtualAlloc
FindResourceA
Sleep
VirtualFree
UnmapViewOfFile
GetEnvironmentStrings
InterlockedExchange
GetModuleHandleW
CloseHandle
ReadFile
SetFilePointer
TlsFree
RaiseException
HeapSize
GetCPInfo
GetCommandLineW
SizeofResource
FileTimeToLocalFileTime
lstrlenW
LCMapStringA
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
CreateFileA
TlsSetValue
GetFileType
CreateFileW
WaitForMultipleObjects
CreateFileMappingA
lstrcpyA
FindNextFileW
CompareStringW
GetProcAddress
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
VirtualProtect
TlsAlloc
SetEvent
LoadLibraryW
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GlobalAlloc
WriteConsoleA
TerminateProcess
SetUnhandledExceptionFilter
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetModuleFileNameW
TlsGetValue
SetLastError
FormatMessageA

Sections

.text
Size: 872KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f8108b20798c03a081391c4f7b3e43a

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 872KB - Virtual size: 1.2MB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 872KB - Virtual size: 1.2MB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 10KB - Virtual size: 9KB