3e9f5325705a30982fcac6f10bed7b29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e9f5325705a30982fcac6f10bed7b29_JaffaCakes118
Size

62KB
MD5

3e9f5325705a30982fcac6f10bed7b29
SHA1

9855e144ae0ae99e7f5027099282dda25922f8fd
SHA256

c019f880fe9a20fd850a7e806e5c191b46aed21e7ff602d201355e3cf0b4e6ae
SHA512

81ddae71f242ebd7a8733b8069cd075795f3515f67ebfa8612a48542a9fd68c521d6cd6b6c76311c3c1a058f6166b5cdb5ba294a66175e2a511f0156c12ae1d5
SSDEEP

768:U160MXP3L7bVzRbgcqvGKxOdHLguppKH0FB2oE/mt+YUE5b87WvzaGU9g7IR8Vc4:iUN2dvA7EjE+YUE5bNU9gER8VcQoD4p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e9f5325705a30982fcac6f10bed7b29_JaffaCakes118

Files

3e9f5325705a30982fcac6f10bed7b29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

549a5c533a3b6dccd6a5e8d85196855e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

user32

GetWindowDC
GetWindowInfo
IsRectEmpty
SetFocus

gdi32

DeleteObject
GetStockObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
ShellExecuteW

kernel32

GetWindowsDirectoryW
GetSystemTimeAsFileTime
FreeLibrary
GetFileAttributesW
GetThreadLocale
GetCurrentProcess
GetModuleFileNameW
CreateFileA
QueryPerformanceCounter
SetThreadPriority
DebugBreak
LocalAlloc
GetPrivateProfileStringW
GetCommandLineW
HeapAlloc
SetFilePointer
IsWow64Process
IsValidLocale
GetProcessHeap
GetModuleHandleA
SuspendThread
GetExitCodeProcess
CreateFileW
LocalReAlloc
GetFullPathNameW
GlobalAddAtomW
IsBadCodePtr
DeviceIoControl
GetPrivateProfileSectionW
GlobalAlloc
WideCharToMultiByte
GetProcAddress
lstrcmpiW
GetCurrentProcessId
GetTempPathW
InterlockedDecrement
GlobalFindAtomA
GetFileSize
GetDateFormatA
RaiseException
VirtualQueryEx
ReadFile
LocalLock
BackupRead
CreateIoCompletionPort
lstrlenW
GetPrivateProfileIntW
SetCurrentDirectoryW
HeapFree
GetTimeFormatW
CopyFileW
SetLocalTime
GetTickCount
OpenEventW
GlobalFree
GetVolumeInformationW
GetModuleFileNameW
MultiByteToWideChar
CreateMutexW
WriteFile
ReleaseMutex
InterlockedIncrement
GetStartupInfoA
lstrcmpW
SetLastError
GetLogicalDriveStringsW
CreateDirectoryW
WaitNamedPipeW
GetCurrentThreadId
FormatMessageW
GetSystemDirectoryW
LocalFree
lstrlenA
SwitchToThread
RemoveDirectoryA
GetDateFormatW
GetFileTime
GetProcessVersion
GetTempPathA
DeleteFileW
ExpandEnvironmentStringsW

ole32

CoTaskMemFree
CoSetProxyBlanket
CoQueryProxyBlanket
CoCreateInstance
OleTranslateAccelerator
CoInitialize
CoUninitialize

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 147KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

549a5c533a3b6dccd6a5e8d85196855e

Headers

File Characteristics

Imports

comctl32

user32

gdi32

shell32

kernel32

ole32

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 113KB

.rsrc Size: 3KB - Virtual size: 3KB

.edata Size: 147KB - Virtual size: 267KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 113KB

.rsrc
Size: 3KB - Virtual size: 3KB

.edata
Size: 147KB - Virtual size: 267KB