a3a60158cf53a0c9961130bab5925982_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3a60158cf53a0c9961130bab5925982_JaffaCakes118
Size

165KB
MD5

a3a60158cf53a0c9961130bab5925982
SHA1

438718b98f508b73a7562d6a6a24a51d67f78497
SHA256

3109a700aeebbf14a5732eade885ac9490993bb438e5adb3f0061c38a6f36921
SHA512

fe6a4ff7b2e4c7f36401f5721d83e314d7fa965724123ad7fc21a88182f2a9736b360b87bcae54fc45fb6068d289bbf074af39798c3be9848d8a7fc8af4dbc1c
SSDEEP

3072:uktVpzEXlISeRClO/Jk2NSqNkFFH15ZP0Ns7HiQTBfa1G:jz0lw1k2RM5ZiqCQTB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3a60158cf53a0c9961130bab5925982_JaffaCakes118

Files

a3a60158cf53a0c9961130bab5925982_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17d40c7c250136ca20b394dd2b0cdd8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
fread
longjmp
_setjmp3
sprintf
strlen
strcpy
memmove
strcmp
strncmp
fabs
ceil
malloc
floor
free
fclose
strncpy
strcat
abort
_snprintf
__p__iob
fprintf
_CIpow
strtod

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
Sleep
HeapAlloc
HeapFree
InitializeCriticalSection
HeapReAlloc
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
SetLastError
GlobalAlloc
GlobalFree
TlsAlloc
GetCurrentDirectoryA
FindClose
FindFirstFileA
GetLastError
FindNextFileA
DeleteFileA
CreateDirectoryA
WriteFile
CloseHandle
CreateFileA
ReadFile
SetFilePointer
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange

user32

MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
GetWindowLongA
SetWindowPos
EnableWindow
EnumWindows
DestroyWindow
GetPropA
RemovePropA
CallWindowProcA
DefWindowProcA
SetPropA
SetWindowLongA
ValidateRect
GetWindowRect
GetParent
MapWindowPoints
InvalidateRect
CreateWindowExA
SendMessageA
GetSysColor
RedrawWindow
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetWindow
SetFocus
UpdateWindow
GetClientRect
GetIconInfo
DrawStateA
GetFocus
GetSysColorBrush
FrameRect
DrawFocusRect
GetDC
ReleaseDC
InflateRect
GetWindowDC
MoveWindow
FillRect
GetSystemMetrics
DrawFrameControl
PeekMessageA
TranslateMessage
DispatchMessageA
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
RegisterClassA
AdjustWindowRectEx
GetActiveWindow
ShowWindow
CreateAcceleratorTableA
GetMenu
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
ReleaseCapture
EnumChildWindows
DefFrameProcA
IsChild
GetClassNameA
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource

gdi32

GetStockObject
CreateRectRgn
SelectClipRgn
GetObjectA
GetObjectType
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
SetBkColor
SetTextColor
ExcludeClipRect
CreatePen
MoveToEx
LineTo
CreateDCA
StretchBlt
CreateDIBSection
CreateSolidBrush
GetDIBits
CreateBitmap
SetPixel
SetDIBits

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
ImageList_GetIconSize

ole32

CoInitialize
RevokeDragDrop

winmm

timeBeginPeriod
timeEndPeriod

Sections

.code
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17d40c7c250136ca20b394dd2b0cdd8f

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comctl32

ole32

winmm

Sections

.code Size: 26KB - Virtual size: 26KB

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 9KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 744B

.code
Size: 26KB - Virtual size: 26KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 9KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 744B