3e38152aec3734487ffb0b801f43c53a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e38152aec3734487ffb0b801f43c53a_JaffaCakes118
Size

862KB
MD5

3e38152aec3734487ffb0b801f43c53a
SHA1

2c78e3b9ef4ee1dd4ee2dd44ac1fd263560e2ed8
SHA256

0f47ea61296fcc2de98976f2e4d01430a62591d3f0b1b8d91b7f8de4cd24ad96
SHA512

d90e1aa0cb942e56de61ad36abc9eb725c83e122c5ce31f751ea957d82837e0da3e6fad6b47a611e3690a7be6c9078bd4d520a73ffe6530bc4d7190d09c33696
SSDEEP

24576:G5xNdUkQVAHBWUdYu6m+fm4mS9zG2EP8rrtrgf:G7KAHoNuufFhEPj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e38152aec3734487ffb0b801f43c53a_JaffaCakes118

Files

3e38152aec3734487ffb0b801f43c53a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dd078f1325cb74d46fed27c6d0fefc07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageW
UpdateWindow
GetLastActivePopup
OpenClipboard
FillRect
GetMenuItemID
AdjustWindowRectEx
MoveWindow
DefWindowProcW
EnableMenuItem
CloseClipboard
RegisterWindowMessageA
DrawIconEx
SetCapture
SetPropW
GetDlgItemTextW
RemoveMenu
SetParent
ScreenToClient
GetPropA
GetSysColor
UnhookWindowsHookEx
LoadMenuW
UnionRect
PtInRect
GetWindowTextW

msvcrt

wcschr
exit
_vsnwprintf
__p__commode
fclose
memcpy
_CxxThrowException
__set_app_type
__getmainargs
wcsrchr
fflush

kernel32

SetEvent
OutputDebugStringA
lstrcmpA
GetVersion
GetTickCount
InterlockedExchange
GetSystemTimeAsFileTime
ExitProcess
LeaveCriticalSection
GetVersionExA
IsProcessorFeaturePresent
SetLastError
CloseHandle
GlobalSize
CreateEventW
DeleteFileW
EnterCriticalSection
GetFileSize
GetDriveTypeW
VirtualAlloc
SetConsoleCtrlHandler
GetCurrentProcessId
TerminateProcess
LocalFileTimeToFileTime
GetConsoleOutputCP
GetSystemInfo
QueryPerformanceCounter
GlobalHandle
HeapSize
InitializeCriticalSectionAndSpinCount
RemoveDirectoryW
GetThreadLocale
WaitForSingleObject
GetFullPathNameW
DeleteCriticalSection
IsValidLocale
GetCurrentThreadId
InterlockedCompareExchange
LoadLibraryA
GetStringTypeA
GetModuleHandleA
CopyFileW
FreeResource
WriteFile
GetDateFormatW
LoadLibraryExA
GetCurrentThread
OpenEventW
InitializeCriticalSection

advapi32

RegCreateKeyW
RegEnumKeyExW
RegEnumKeyExA
RegEnumValueW
RegDeleteValueA

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 494KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd078f1325cb74d46fed27c6d0fefc07

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 192KB - Virtual size: 192KB

.data Size: 494KB - Virtual size: 1.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 192KB - Virtual size: 192KB

.data
Size: 494KB - Virtual size: 1.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB