3fe254a759c4a351b1ceff765007be80_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3fe254a759c4a351b1ceff765007be80_JaffaCakes118
Size

103KB
MD5

3fe254a759c4a351b1ceff765007be80
SHA1

874276aaab9f5c0872259ede9c4aac5c25be8d41
SHA256

6f4a47c616c7bea2ac6656556da70eb6b536716cf55bbbfe5e7ba40bb68c837e
SHA512

12623ea164aa6b15c25839ea36993db3228556c22b834e8994ba93319f6a28015d8e4d64912401452050e56451a5328e53c0271cced0dff5257d0fb892a86e24
SSDEEP

1536:HuRicZeGlkDk5FM8j9ZFt9ZYhd4xoDk7o0vsRazTOYpst/Fh5qii/:WA2kqFM8PFl24xowZvAa/OYpstFhVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fe254a759c4a351b1ceff765007be80_JaffaCakes118

Files

3fe254a759c4a351b1ceff765007be80_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a2db93ee9db089547e864fc63cb0484

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LCMapStringW
HeapSize
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
HeapReAlloc
IsProcessorFeaturePresent
GetLastError
HeapCreate
LoadLibraryW
GlobalAlloc
GetProcessHeap
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount

user32

DestroyWindow
GetMessageA
GetClassNameA
GetWindowRect
GetWindowDC
GetSubMenu
GetParent
LoadIconA
GetWindowInfo
wsprintfA
GetClientRect
SendMessageA
EnumWindows
CreateIconIndirect
GetDC
TranslateMessage
GetWindowTextA
MessageBoxA
InvalidateRect
SetCursorPos
UnregisterClassA
GetWindowLongA
GetWindowTextW
CreateWindowExA
ReleaseDC
EnableMenuItem
GetDlgItem
GetDesktopWindow
SetWindowPos
ShowWindow
DrawMenuBar
DispatchMessageA
GetSystemMetrics
CloseWindow
FindWindowA
LoadCursorA
SetDlgItemTextA
RegisterClassA
MoveWindow

gdi32

DeleteDC
GetFontLanguageInfo
SetPixel
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
GetTextMetricsA
GetFontData
GetPixel
GetObjectA
GetStockObject
GetTextExtentPoint32W

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a2db93ee9db089547e864fc63cb0484

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 101KB - Virtual size: 104KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 101KB - Virtual size: 104KB

.rsrc
Size: 1KB - Virtual size: 1KB