3e25f48054733fc1e42f5b40737ef848_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e25f48054733fc1e42f5b40737ef848_JaffaCakes118
Size

241KB
MD5

3e25f48054733fc1e42f5b40737ef848
SHA1

18808642c3f66c52a399fcd1213d87af74c28331
SHA256

e496d631fb7d43df5f01f91aaf2a37eb2d3501d168399d653b952b04a5fc512a
SHA512

f4dd9b62d84523ecc2a07631849800109c37e9c6e52aa00fcbab4c30a91e3b9bce6b734a88d30ae65aa2d787c0d9472df21c1498ac122686f3645629c7f3b5b6
SSDEEP

6144:qzziEF7bF5RV5mj0y6i/EmijI2vv5vXzrtu8XTO3QyfbOO:qH7ij0Ri/Emi1HtXz48sQ1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e25f48054733fc1e42f5b40737ef848_JaffaCakes118

Files

3e25f48054733fc1e42f5b40737ef848_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a64f89ba45ebc7ef1004d9893960155f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
lstrcmpW
OpenMutexW
AddAtomW
GetCalendarInfoW
IsBadWritePtr
OpenWaitableTimerA
SleepEx
GetProcAddress
GetModuleFileNameW
FileTimeToDosDateTime
GetVolumeInformationA
GetCurrentProcess

user32

GetKeyboardLayout
GetMessageA
SetWindowLongW
GetDlgItemTextW
LoadIconW
IsMenu
CreateAcceleratorTableW
CreateDialogIndirectParamA
WinHelpW
MonitorFromPoint
GetClassInfoExA
EnumClipboardFormats
mouse_event
CreateDesktopW
ActivateKeyboardLayout
GetMenuInfo
GetSysColorBrush
AppendMenuW
GetMenuItemID
CreateWindowExW
RegisterClassW
SendDlgItemMessageW
SetActiveWindow
UnregisterClassA
LoadCursorW
GetMenuItemInfoW
GetClassInfoA
LoadMenuA
CopyRect
wvsprintfW
SetParent
CharUpperA
LoadMenuW

gdi32

GetRasterizerCaps
GetEnhMetaFileW
CreateDIBPatternBrush
CreateRoundRectRgn
CreateRectRgn
RemoveFontResourceA
GetTextExtentPointW
GetEnhMetaFilePixelFormat
TranslateCharsetInfo
CreateCompatibleDC
CreateMetaFileA
CreateHatchBrush
CreateDIBSection
GetTextExtentPointA
CreateMetaFileW
GetMetaFileA
GetEnhMetaFileA
CreateBrushIndirect
CreateScalableFontResourceW
CreateBitmapIndirect

shell32

SHCreateDirectoryExA
StrRChrW
StrCmpNW
FreeIconList
StrStrA
ShellExecuteEx
ExtractIconExA
ExtractAssociatedIconExW
ShellExecuteExA
SHBrowseForFolder

shlwapi

ColorHLSToRGB
PathGetDriveNumberW
StrCpyW
StrCSpnA
SHRegEnumUSKeyA
SHSetValueA
PathFindNextComponentA

comdlg32

PageSetupDlgW
GetSaveFileNameA

ole32

OleInitialize
OleLoad
CoFileTimeNow

oleaut32

VarBoolFromDec
VarWeekdayName
SysReAllocString
VarFormatCurrency
DispCallFunc
VarBoolFromCy
SetOaNoCache
VarCyFromDec
VarBstrFromCy
VarDecFromStr

rasman

RasFreeBuffer
RasDeAllocateRoute

wsock32

GetServiceW

crypt32

CryptUnprotectData
CertVerifyCRLTimeValidity
CryptExportPKCS8
CryptSIPAddProvider
RegQueryValueExU

Sections

.Scq
Size: 1024B - Virtual size: 517B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GeMMK
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.J
Size: 512B - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uBGnBR
Size: 3KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OvR
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.H
Size: 4KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fsi
Size: 4KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V
Size: 1024B - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hqupp
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.P
Size: 2KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.N
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VroG
Size: 10KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OfVQ
Size: 4KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a64f89ba45ebc7ef1004d9893960155f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

comdlg32

ole32

oleaut32

rasman

wsock32

crypt32

Sections

.Scq Size: 1024B - Virtual size: 517B

.GeMMK Size: 91KB - Virtual size: 90KB

.J Size: 512B - Virtual size: 350KB

.uBGnBR Size: 3KB - Virtual size: 49KB

.OvR Size: 10KB - Virtual size: 10KB

.H Size: 4KB - Virtual size: 342KB

.fsi Size: 4KB - Virtual size: 201KB

.V Size: 1024B - Virtual size: 211KB

.hqupp Size: 3KB - Virtual size: 11KB

.P Size: 2KB - Virtual size: 104KB

.N Size: 89KB - Virtual size: 89KB

.VroG Size: 10KB - Virtual size: 257KB

.OfVQ Size: 4KB - Virtual size: 376KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.Scq
Size: 1024B - Virtual size: 517B

.GeMMK
Size: 91KB - Virtual size: 90KB

.J
Size: 512B - Virtual size: 350KB

.uBGnBR
Size: 3KB - Virtual size: 49KB

.OvR
Size: 10KB - Virtual size: 10KB

.H
Size: 4KB - Virtual size: 342KB

.fsi
Size: 4KB - Virtual size: 201KB

.V
Size: 1024B - Virtual size: 211KB

.hqupp
Size: 3KB - Virtual size: 11KB

.P
Size: 2KB - Virtual size: 104KB

.N
Size: 89KB - Virtual size: 89KB

.VroG
Size: 10KB - Virtual size: 257KB

.OfVQ
Size: 4KB - Virtual size: 376KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB