3e96391fa2955e0bf7d8907929dd690d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e96391fa2955e0bf7d8907929dd690d_JaffaCakes118
Size

178KB
MD5

3e96391fa2955e0bf7d8907929dd690d
SHA1

7dbade15fa1ae5be47b0768177786fa62a65aeb8
SHA256

e8ecc08cba43979c27052423c66c56cc90ffd6021e07ca33b1c6d9f795b8fa8e
SHA512

a8f1715d73efb21df53de46c1683d6195bfb44fa7387b98674934483d875a814b3db2792ea6999bcf6a53f7d277d76f5c9948f2daf04b05640dea7605dea7627
SSDEEP

3072:VBHpZLUcgB4Y6Tv8PRXDnTw2TiYyVUvxireXgkXNPkh2dutt:TP5tiPRX/niYyV+xsWNP4L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e96391fa2955e0bf7d8907929dd690d_JaffaCakes118

Files

3e96391fa2955e0bf7d8907929dd690d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd8d04b0daa59d8b161f65b7e498750b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CreateDirectoryA
CreateFileA
CreateFileMappingA
DeleteFileW
DeviceIoControl
EnterCriticalSection
EnumCalendarInfoA
ExitThread
FileTimeToLocalFileTime
FindFirstFileA
FindResourceA
FindResourceW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcessId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileType
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
IsBadWritePtr
IsDBCSLeadByte
LoadLibraryA
LocalFree
MapViewOfFile
MoveFileA
OutputDebugStringA
ReleaseMutex
ResetEvent
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetEvent
SetFilePointer
SetStdHandle
SetThreadPriority
SizeofResource
SystemTimeToFileTime
TerminateThread
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrlenA

user32

AdjustWindowRectEx
CallNextHookEx
CharNextA
ClientToScreen
DeleteMenu
DestroyIcon
DrawIcon
DrawIconEx
DrawMenuBar
EmptyClipboard
EndDialog
EnumThreadWindows
GetClassInfoA
GetDC
GetIconInfo
GetKeyboardType
GetMenu
GetPropA
GetSystemMenu
GetWindow
GetWindowLongA
GetWindowTextA
IsChild
IsDialogMessageA
IsWindow
IsWindowVisible
LoadBitmapA
OffsetRect
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterWindowMessageA
ReleaseDC
ScreenToClient
ScrollWindow
SetClassLongA
SetClipboardData
SetCursor
SetScrollPos
SetTimer
SetWindowLongA
UpdateWindow
WindowFromPoint
wsprintfA

gdi32

AddFontResourceA
BitBlt
Chord
CreateDCA
CreateDCW
CreateDIBitmap
CreateFontIndirectA
CreateICW
ExtTextOutA
GetBkColor
GetCharWidthA
GetCharWidthW
GetClipRgn
GetDIBColorTable
GetMetaFileBitsEx
GetPixel
GetTextExtentPoint32A
GetTextMetricsW
GetWindowExtEx
IntersectClipRect
LineTo
PatBlt
Polyline
SaveDC
SelectClipPath
SetBrushOrgEx
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
StrokeAndFillPath

shell32

DragQueryFileA
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconW
SHAppBarMessage
SHBindToParent
SHCreateDirectoryExA
SHFileOperationW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
ShellExecuteExA
Shell_NotifyIconA

comctl32

CreatePropertySheetPageA
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_Read
ImageList_Replace
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
InitializeFlatSB
PropertySheetA

advapi32

CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptAcquireContextA
EqualSid
GetSecurityDescriptorDacl
InitializeAcl
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenProcessToken
QueryServiceStatus
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW

ole32

CLSIDFromString
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoGetInterfaceAndReleaseStream
CoRegisterClassObject
CoRegisterMessageFilter
CoReleaseMarshalData
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
DoDragDrop
IIDFromString
IsAccelerator
IsEqualGUID
OleDraw
OleFlushClipboard
OleIsCurrentClipboard
OleRun
ProgIDFromCLSID
RegisterDragDrop
RevokeDragDrop
StgOpenStorage
StringFromCLSID
StringFromGUID2
StringFromIID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd8d04b0daa59d8b161f65b7e498750b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 28KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 28KB