3fd0121ac84694edb3d72aad3a1a35ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fd0121ac84694edb3d72aad3a1a35ff_JaffaCakes118
Size

576KB
MD5

3fd0121ac84694edb3d72aad3a1a35ff
SHA1

c8a6ad0c74b004f2e63e8ab169b80236caa0c64a
SHA256

f1d428cd71a8daa07db6ff34a32190fa6ce6edaed69a8081f788719d86e8f757
SHA512

732ffa422998e1954bdb03d53c8db0d19afb0bcd5b106e69d7cf40620e680f948ed7aa9c283e45005b5d4c4305bc2e19e6d166d70c311501f14c535694c4128b
SSDEEP

12288:FOtVr9kRAQAM2jvk8UobErQpaJcXqRmB+tivXTL:FGkAlM2g8jbErQIJcXetCXTL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd0121ac84694edb3d72aad3a1a35ff_JaffaCakes118

Files

3fd0121ac84694edb3d72aad3a1a35ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ffcfc9cc1300c90bcaf607617c8f45a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\npsexvj.pdb

Imports

wininet

FtpGetFileEx
FindNextUrlCacheEntryExW

user32

DdeConnect
GetUserObjectInformationA
SetProcessDefaultLayout
EnumPropsExA
CreateMDIWindowA
GetTopWindow
RegisterClassA
DefMDIChildProcW
SetDebugErrorLevel
ReplyMessage
RegisterClassExA
CreateWindowExA
CreateIconIndirect
CharNextA
FindWindowExW
GetMenuStringA
EnumDesktopsW
ShowWindow
MessageBoxExW
DlgDirListComboBoxA
SetClipboardData
GetKeyState
AnimateWindow
SetMenuInfo
IsClipboardFormatAvailable
GetMenuCheckMarkDimensions
DialogBoxIndirectParamW
SendDlgItemMessageW
SetClassWord
OpenIcon
IsDlgButtonChecked
DestroyWindow
IntersectRect
DefWindowProcW
GetMenuDefaultItem
LoadAcceleratorsA
CreateDesktopA
GetDoubleClickTime
SetWindowRgn
GetClassNameA
DefFrameProcA
ChangeMenuW
DdeAddData
MessageBoxW
GetUserObjectInformationW
ScreenToClient
InSendMessageEx
LoadMenuW
CascadeChildWindows
GetProcessWindowStation
SystemParametersInfoW
RegisterClassW
GetDesktopWindow

comdlg32

GetFileTitleA
PageSetupDlgW

comctl32

ImageList_GetFlags
_TrackMouseEvent
CreatePropertySheetPage
ImageList_GetImageRect
MakeDragList
DrawStatusText
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Write
ImageList_Replace
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetIconSize
InitMUILanguage
ImageList_AddIcon

kernel32

ExpandEnvironmentStringsA
GetProcAddress
MoveFileExW
GetTimeZoneInformation
GetCurrentThread
InterlockedDecrement
ReadFile
CreateWaitableTimerW
EnumTimeFormatsA
GetDriveTypeW
TerminateProcess
ReadConsoleW
GetPrivateProfileSectionW
HeapAlloc
SetEnvironmentVariableW
GetUserDefaultLCID
GetEnvironmentStrings
GetLocalTime
WriteConsoleInputW
SetLastError
HeapFree
RtlFillMemory
SetTimeZoneInformation
IsBadWritePtr
DeleteCriticalSection
GetCurrentProcessId
TlsSetValue
HeapCreate
WaitForSingleObjectEx
GetStringTypeW
QueryPerformanceCounter
GetPrivateProfileStringW
TlsFree
GetExitCodeThread
LoadLibraryA
GlobalFlags
FreeEnvironmentStringsW
InitializeCriticalSection
HeapDestroy
UnhandledExceptionFilter
SetFileAttributesW
CreateDirectoryExA
GetSystemDefaultLCID
FlushFileBuffers
GetStartupInfoA
LeaveCriticalSection
CompareStringA
RemoveDirectoryW
WideCharToMultiByte
GetStringTypeA
GetStdHandle
FindAtomA
EnterCriticalSection
GetEnvironmentStringsW
VirtualFreeEx
GetTickCount
OpenMutexA
GetModuleHandleA
GetCommandLineA
FillConsoleOutputCharacterW
LCMapStringA
WritePrivateProfileStringA
CreateMutexA
GetModuleFileNameA
CreateFileA
lstrlen
LocalReAlloc
SetHandleCount
GetVersion
GetProcAddress
InterlockedExchange
GetSystemTimeAdjustment
LoadLibraryExA
GetFileAttributesA
GetCalendarInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
MoveFileW
CloseHandle
InterlockedIncrement
FreeEnvironmentStringsA
HeapReAlloc
FindFirstFileA
GetFullPathNameA
ExitProcess
GlobalAddAtomA
OpenFile
GetFileType
GetModuleFileNameW
GetStartupInfoW
lstrcmpiW
SetConsoleTitleA
OpenSemaphoreA
MultiByteToWideChar
WriteFile
GetProfileStringA
SetEnvironmentVariableA
FindResourceA
CompareStringW
GetLastError
GetConsoleTitleW
TerminateThread
CreateToolhelp32Snapshot
LCMapStringW
VirtualQuery
RtlUnwind
SetStdHandle
TlsAlloc
GetThreadPriority
VirtualFree
EnumResourceLanguagesW
GetCurrentProcess
VirtualAlloc
GetSystemTime
AddAtomA
WaitCommEvent
SetCurrentDirectoryA
GetCPInfo
GetPrivateProfileStructW
SetFilePointer
GetCommandLineW
TlsGetValue
lstrcpynA
ReadConsoleInputW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ffcfc9cc1300c90bcaf607617c8f45a

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

comdlg32

comctl32

kernel32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 112KB - Virtual size: 127KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 112KB - Virtual size: 127KB

.rsrc
Size: 40KB - Virtual size: 38KB