3e84d9efb0dbaaf341ced489dea6b630_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e84d9efb0dbaaf341ced489dea6b630_JaffaCakes118
Size

148KB
MD5

3e84d9efb0dbaaf341ced489dea6b630
SHA1

0923b606f52ca888e9c9fb644ba27118daa815d1
SHA256

859f5d0e54bbc6ed8ea31e237062242580fda03fbae039927383efec4856250e
SHA512

c13464867a9726da273fc077dbbc8c38c9c33a0abdf8a1139a25f6e3142cfe383f60f84613479ad8347cf97bb7f82d66d0c4f90f1da0be169a649f622cebd74c
SSDEEP

3072:HrZVAcw4UdcbqNS8yzfe59ESULopwWhiJnV9YpCz0qj3yNbp6L6:UQUrt9EFo+WhiBYswqY6L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e84d9efb0dbaaf341ced489dea6b630_JaffaCakes118

Files

3e84d9efb0dbaaf341ced489dea6b630_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a7ef343aa7296d2bbfb9285333f3045b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetConsoleMode
GetModuleHandleA
CreateDirectoryA
CreateFileMappingA
FileTimeToDosDateTime
GetStartupInfoA
ExitProcess
VirtualProtect
lstrcmpiW
SetEnvironmentVariableA

user32

OpenClipboard
ReleaseDC
DrawFrameControl
SetScrollRange
GetKeyState
LoadIconA
WaitMessage
WindowFromPoint
GetSysColor
SetTimer

msvcrt

log10
__p__fmode
_setjmp
__setusermatherr
iswctype
_except_handler3
memchr
_XcptFilter
wcsncmp
__set_app_type
_adjust_fdiv
__getmainargs
_lseek
_acmdln
_dup
memmove
fputc
_strnicmp
exit
__mb_cur_max
_mbsicmp
__p__commode
_initterm

shell32

SHGetFileInfo
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA
DragQueryFileA
CommandLineToArgvW
SHGetPathFromIDList
SHFileOperationW
ShellExecuteA
SHGetPathFromIDListW
SHFileOperationA

comctl32

ImageList_SetBkColor
ImageList_DragLeave
ImageList_Create
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_SetOverlayImage
ImageList_DragEnter
ImageList_GetIconSize

advapi32

RegDeleteKeyA
LookupPrivilegeValueW
OpenSCManagerA
CloseServiceHandle
RegEnumValueW
RegOpenKeyW
RegDeleteKeyW

oleaut32

SysStringByteLen
SafeArrayPtrOfIndex
VariantClear
VariantCopyInd
SafeArrayGetElement
GetErrorInfo
SafeArrayPutElement
SafeArrayRedim
LoadTypeLib
SysStringLen

ole32

CoDisconnectObject
OleSetClipboard
CLSIDFromProgID
StgCreateDocfileOnILockBytes
DoDragDrop
StringFromCLSID

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a7ef343aa7296d2bbfb9285333f3045b

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

comctl32

advapi32

oleaut32

ole32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 6KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 6KB - Virtual size: 5KB