3e26f82bc4e2b65d5b15984fbfdd3ed8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e26f82bc4e2b65d5b15984fbfdd3ed8_JaffaCakes118
Size

764KB
MD5

3e26f82bc4e2b65d5b15984fbfdd3ed8
SHA1

0538c641c600287d9cdfd27251426b98425115b8
SHA256

86a5a61200ce598d2d590d27008c4469aeeb074de649e48d40ee5e07b7295ad0
SHA512

4cb97e1cf7a31d0281fd791952fa9a8c27115301e5477cacf8dd6bdbaac23be1368e4fbc7e49df44d5bae335c190e7814b3b212da06f12d54e6989d2c67732ac
SSDEEP

12288:ZTlQHOWZ7tY222mgG2khorOyQwF7LkmhKaPC/lJ6/JFj8OlUFlZn7DTo7CjC:ZTlQuWDY28gG2yo/XFXkm/PC/v6xFjTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e26f82bc4e2b65d5b15984fbfdd3ed8_JaffaCakes118

Files

3e26f82bc4e2b65d5b15984fbfdd3ed8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

728f89ccdd499e6af28e3474bfabbe73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumPropsW
ShowWindow
SetTimer
SetWindowsHookExW
GetWindowTextA
WinHelpW
DrawFocusRect
LockWindowUpdate
ValidateRgn
SetWindowContextHelpId
EqualRect
EnumPropsExW
SetMenuInfo
LoadKeyboardLayoutA
DdeReconnect
CloseWindow
FindWindowA
CloseWindowStation
EnumDisplayDevicesA
SwitchDesktop
SetProcessWindowStation
CheckRadioButton
DdeConnect
BeginPaint
EndMenu
RegisterClassA
MapVirtualKeyW
GetProcessDefaultLayout
RegisterClassExA
MessageBoxA
DefMDIChildProcW
SetUserObjectInformationA
DdeDisconnect
VkKeyScanW
wvsprintfA
DefMDIChildProcA
LoadMenuIndirectA
wvsprintfW
TranslateAcceleratorW
DestroyWindow
LoadIconA
CharLowerBuffA
SendDlgItemMessageA
VkKeyScanExA
OpenInputDesktop
RealChildWindowFromPoint
SetScrollRange
InvalidateRgn
RegisterWindowMessageW
IsWindow
DefWindowProcA
MapDialogRect
CheckMenuItem
CharPrevA
OpenDesktopW
CreateIconFromResourceEx
DdeAccessData
CreateWindowExW
SetCursor
SetClipboardData
DragDetect
DefDlgProcW
ReleaseDC
ReleaseCapture
ShowOwnedPopups
LoadStringA
CharPrevExA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Duplicate
ImageList_LoadImageA
ImageList_SetDragCursorImage
DrawInsert
ImageList_GetDragImage
CreateToolbar
ImageList_DragShowNolock
ImageList_Read
ImageList_SetFlags
DrawStatusTextA

kernel32

FlushFileBuffers
MapViewOfFileEx
SetThreadContext
GetCurrentProcessId
HeapDestroy
LCMapStringW
CommConfigDialogW
LeaveCriticalSection
WritePrivateProfileSectionA
lstrcmp
SetHandleCount
GetEnvironmentStrings
CloseHandle
TlsFree
GetCommandLineA
SetPriorityClass
GetTimeZoneInformation
LCMapStringA
FreeEnvironmentStringsA
OpenMutexA
CompareStringA
TlsAlloc
VirtualAlloc
GetStringTypeW
InitializeCriticalSection
HeapAlloc
GetCPInfo
GetNamedPipeInfo
InterlockedIncrement
TlsGetValue
Sleep
GetModuleHandleA
GetTickCount
CreateEventW
GetStartupInfoA
GetProcAddress
RtlUnwind
LoadLibraryA
GetTempFileNameA
GetEnvironmentStringsW
GetCurrentThread
GetLocalTime
QueryPerformanceCounter
HeapReAlloc
GetProcessHeaps
WriteProfileStringA
SetEnvironmentVariableA
GetStringTypeA
VirtualFree
GetCurrentProcess
InterlockedExchange
GetLastError
UnhandledExceptionFilter
GetPrivateProfileStructW
GetSystemTimeAsFileTime
EnterCriticalSection
CompareStringW
DeleteCriticalSection
GetVersion
FreeEnvironmentStringsW
GetNumberFormatA
GetSystemTime
GetLogicalDrives
SetStdHandle
CreateMutexA
SetConsoleScreenBufferSize
WriteFile
GetCurrentThreadId
GetOEMCP
VirtualQuery
TerminateProcess
GetFileAttributesA
WritePrivateProfileSectionW
SetCurrentDirectoryW
ReadConsoleOutputCharacterA
MultiByteToWideChar
GlobalFindAtomA
GetModuleFileNameW
IsBadWritePtr
HeapCreate
TlsSetValue
GetFileType
SetLastError
SetFilePointer
GetACP
ReadFile
DuplicateHandle
WritePrivateProfileStringA
WideCharToMultiByte
GetStdHandle
GetModuleFileNameA
ExitProcess
lstrcatA
lstrcmpiW
InterlockedDecrement
CreatePipe
HeapFree

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

728f89ccdd499e6af28e3474bfabbe73

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 448KB - Virtual size: 444KB

.data Size: 136KB - Virtual size: 159KB

.rsrc Size: 92KB - Virtual size: 88KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 448KB - Virtual size: 444KB

.data
Size: 136KB - Virtual size: 159KB

.rsrc
Size: 92KB - Virtual size: 88KB