b3818e90e85b44b4850d906f1c109642_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b3818e90e85b44b4850d906f1c109642_JaffaCakes118
Size

600KB
MD5

b3818e90e85b44b4850d906f1c109642
SHA1

88ce054691423f48f19930d39b389db8ee509a17
SHA256

89f73a5b6c1be59dc723d0dcc7547c730edec35376083849fff5073416c748ef
SHA512

1e1e01a64d3b7352635a4becb944c84ff75b96b903032c07dd468ce177fec5b150417edf9b9754a6ca0b311e832354ca149daf40f4b0210d03f599b452db4326
SSDEEP

12288:m5CGsKpMH3J3gUIoyi4VOufcPIlsEl70wyb1M+CAmb7Nqy:ssKpMH31g0p4VffcPN0gwRAmb7Nq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3818e90e85b44b4850d906f1c109642_JaffaCakes118

Files

b3818e90e85b44b4850d906f1c109642_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6a72c6578558200644933e1a5733467

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW

shell32

ExtractIconW
DragQueryFile

kernel32

GetModuleHandleA
SetEnvironmentVariableA
GetUserDefaultLCID
VirtualFree
GetStdHandle
MoveFileExW
InterlockedExchange
FreeEnvironmentStringsA
GetCurrentThread
MultiByteToWideChar
GetLocaleInfoA
CreateToolhelp32Snapshot
GetCurrentProcess
FreeEnvironmentStringsW
ReadFile
SetHandleCount
VirtualAlloc
FlushInstructionCache
SetFilePointer
SetLastError
GetTimeFormatA
LeaveCriticalSection
GetDateFormatA
GetModuleFileNameA
HeapValidate
GetSystemTimeAsFileTime
GetWindowsDirectoryW
HeapDestroy
DeleteCriticalSection
lstrcatW
WriteFile
TlsSetValue
GetACP
GetLastError
GlobalFree
GetLocaleInfoW
TlsAlloc
GetTickCount
QueryPerformanceCounter
CreateDirectoryA
OpenMutexA
VirtualQuery
GetCurrentProcessId
LoadLibraryA
LCMapStringA
IsBadWritePtr
OutputDebugStringA
CloseHandle
InterlockedIncrement
FlushFileBuffers
UnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
WritePrivateProfileStructA
WideCharToMultiByte
GetTimeFormatW
UnlockFileEx
SetConsoleCtrlHandler
HeapCreate
HeapReAlloc
TlsFree
CreateWaitableTimerW
GetFileType
TlsGetValue
GetEnvironmentStrings
GetCurrentThreadId
FindResourceExA
EnumSystemLocalesA
GetStringTypeW
CreateMutexA
lstrcatA
VirtualProtect
ExitProcess
GetSystemInfo
RtlUnwind
WriteProfileStringW
InterlockedDecrement
CompareStringA
IsValidCodePage
EnterCriticalSection
InitializeCriticalSection
HeapFree
IsBadReadPtr
IsValidLocale
LCMapStringW
SetStdHandle
GetOEMCP
GetStartupInfoA
GetProcAddress
CompareStringW
DebugBreak
GetEnvironmentStringsW
GetCommandLineA
HeapAlloc
GetModuleHandleW
GetVersionExA
GetCPInfo
CreateNamedPipeW
GetStringTypeA

comctl32

CreateStatusWindow
DestroyPropertySheetPage
DrawStatusTextA
ImageList_Replace
ImageList_AddIcon
ImageList_GetImageRect
ImageList_DrawIndirect
ImageList_SetDragCursorImage
ImageList_Remove
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Duplicate
ImageList_SetFlags
ImageList_LoadImageA

user32

ClipCursor
CreateWindowExA
DispatchMessageA
CloseClipboard
SetRect
GetGuiResources
SystemParametersInfoW
SetDlgItemTextW
CharToOemBuffA
SendMessageTimeoutA
GetShellWindow
WaitMessage
LoadImageW
SwitchDesktop
ShowWindow
GetMessageA
GetNextDlgGroupItem
GetMessageExtraInfo
RealGetWindowClass
SetShellWindow
SetMenuInfo
InSendMessage
CallMsgFilterA
DdePostAdvise
CheckMenuItem
DdeQueryStringA
InsertMenuW
LoadIconA
GetWindowLongA
SetScrollRange
RegisterClassExA
DefMDIChildProcA
CopyAcceleratorTableA
CharToOemA
TrackPopupMenu
DlgDirListA
NotifyWinEvent
RegisterClassA
IsWindowVisible
ToUnicode
GetClipboardOwner
RegisterHotKey
SetPropW
CharToOemW
LookupIconIdFromDirectory
DefWindowProcA
EnumDesktopsW
CreateCursor
ReuseDDElParam
MessageBoxA
DestroyWindow
HideCaret

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6a72c6578558200644933e1a5733467

Headers

File Characteristics

Imports

comdlg32

shell32

kernel32

comctl32

user32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 112KB - Virtual size: 114KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 112KB - Virtual size: 114KB

.rsrc
Size: 16KB - Virtual size: 12KB