Static task: static1
Behavioral task: behavioral1
  Sample: 3ec0a5b175b230f16a158a8dd275163a_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 3ec0a5b175b230f16a158a8dd275163a_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 3ec0a5b175b230f16a158a8dd275163a_JaffaCakes118
Size: 136KB
MD5: 3ec0a5b175b230f16a158a8dd275163a
SHA1: b3de0dbcdaaebf072b4c28805012c3150d0c9877
SHA256: 4e292daeea6fef10ed1f69ea347cb705bc3136a2c1f9f891e743b1db5997854a
SHA512: a20c451c7eb93e634602e91560a752b720eb3aca0a7361f73b01ea0ce2b9546a2ed75c8c0fd86e893a72b8b3b83794564ddcb2d1f15cbaf30757f8ea4ab0ca16
SSDEEP: 3072:cTBZ+RstmJtu6I4KyuMS+sKFTBCctLivj6yVxKzcy8ha9xDMKFJt:2BVUXE+rVCRj6AK8uxDMKV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3ec0a5b175b230f16a158a8dd275163a_JaffaCakes118
Files
3ec0a5b175b230f16a158a8dd275163a_JaffaCakes118.exe windows:5 windows x86 arch:x86
fb63c49f32d6560b0267942d6eea4768
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
_adjust_fdiv
__getmainargs
__setusermatherr
_initterm
__p__commode
_unlink
_controlfp
_mktemp
atoi
_XcptFilter
_except_handler3
log10
__set_app_type
strerror
strchr
getenv
exit
_acmdln
_pipe
_wfopen
__p__fmode
wcsstr
kernel32
CompareStringW
GetStartupInfoA
VirtualProtect
GetSystemDefaultLCID
WritePrivateProfileStringA
MultiByteToWideChar
EnumCalendarInfoA
GetModuleHandleA
comctl32
ImageList_Create
PropertySheetA
ImageList_SetOverlayImage
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_LoadImageA
ole32
OleRun
RevokeDragDrop
CoGetClassObject
CoGetMalloc
CoFreeUnusedLibraries
CreateStreamOnHGlobal
OleFlushClipboard
CoLoadLibrary
CoGetInterfaceAndReleaseStream
StringFromCLSID
shell32
DragQueryFileW
SHBrowseForFolderW
SHBindToParent
DragQueryFile
SHGetFolderPathA
SHFileOperationW
SHGetSpecialFolderLocation
Shell_NotifyIconA
SHAppBarMessage
Shell_NotifyIconW
SHFileOperationA
SHGetMalloc
version
VerQueryValueA
VerInstallFileA
GetFileVersionInfoW
GetFileVersionInfoA
VerInstallFileW
VerQueryValueW
VerFindFileW
GetFileVersionInfoSizeA
advapi32
RegFlushKey
OpenServiceW
SetSecurityDescriptorOwner
RegQueryValueA
ControlService
RegQueryValueExA
CryptReleaseContext
DeregisterEventSource
OpenServiceA
RegEnumValueA
AddAccessAllowedAce
gdi32
CombineRgn
GetCurrentPositionEx
GetTextExtentPoint32A
GetTextExtentPointA
GetBrushOrgEx
GetTextCharsetInfo
Polygon
CreateDCA
CopyEnhMetaFileA
ExtTextOutW
GetCharWidthW
FrameRgn
GetRegionData
EndPage
ExtFloodFill
oleaut32
SysStringLen
CreateErrorInfo
GetActiveObject
SysStringByteLen
VariantClear
SysAllocStringByteLen
SafeArrayUnaccessData
VariantInit
user32
GetKeyboardType
GetDC
SetClipboardData
IsWindow
GetWindowPlacement
EqualRect
IsWindowVisible
CharLowerA
MessageBeep
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 97KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ