dc3782a1b6af60c44a5ba7c90e7ba87d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dc3782a1b6af60c44a5ba7c90e7ba87d_JaffaCakes118
Size

147KB
MD5

dc3782a1b6af60c44a5ba7c90e7ba87d
SHA1

98cb5f0450a719f23933d261c85c7055561123fe
SHA256

e1784d87918fde3c2057c7019e9aaf2de363b3296e7747729032c402d7a1ae77
SHA512

c399888b14e0600cff7c930a72fa43a5f1e1bcf52113561ffdefb13d8b285b2f457311230536ed758eea3875b2be04ed02e2f531c99444274fdd4d8db1727bad
SSDEEP

3072:4bS3kyGA7RdnEaPgDGg0ItF5XFCFTsT4UCPyd4VAA7e3TcD:4bSUyNzEaox0ItFjzCPi4V1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc3782a1b6af60c44a5ba7c90e7ba87d_JaffaCakes118

Files

dc3782a1b6af60c44a5ba7c90e7ba87d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

263082db466f182894d74f0a88b0efb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RaiseException
QueryPerformanceCounter
GetCurrentProcess
InterlockedIncrement
VirtualProtect
UnhandledExceptionFilter
InterlockedDecrement
IsDBCSLeadByte
CreateFileMappingA
MulDiv
GetModuleHandleA
GetStartupInfoA

msvcrt

_adjust_fdiv
_except_handler3
_wtol
sscanf
_write
wcscspn
fclose
__set_app_type
_initterm
__getmainargs
_controlfp
_XcptFilter
_strdup
fread
longjmp
log10
__setusermatherr
__p__fmode
_acmdln
exit
_snprintf
__p__commode

comctl32

ImageList_Read
CreateStatusWindowA
ImageList_LoadImageW
ImageList_Write
ImageList_GetImageInfo
ImageList_DragEnter
InitCommonControls
ImageList_DragLeave
PropertySheetW

oleaut32

SafeArrayCreate
SysStringByteLen
SafeArrayRedim
VariantCopy
SetErrorInfo
SafeArrayPtrOfIndex
SysFreeString
SafeArrayGetUBound
SafeArrayGetElement

advapi32

RegEnumKeyExW
RegCreateKeyExW
CryptReleaseContext
GetUserNameA
SetSecurityDescriptorOwner
RevertToSelf
DeregisterEventSource
RegSetValueExA
RegEnumValueA

user32

SetTimer
IsWindow
CloseClipboard
DialogBoxParamA
GetParent
DrawTextA
ShowWindow
GetWindowLongA
IsIconic
PostQuitMessage
MessageBeep
ScreenToClient

gdi32

GetSystemPaletteEntries
SetMetaFileBitsEx
GetOutlineTextMetricsA
GetTextAlign
GetViewportOrgEx
PolyDraw
GetTextMetricsW
ExtTextOutA
SetPolyFillMode
CreatePatternBrush

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetPathFromIDListA
CommandLineToArgvW
SHFileOperationA
SHGetSpecialFolderPathW
ShellExecuteExA
DoEnvironmentSubstW

ole32

OleInitialize
CoTaskMemFree
OleDraw
OleRun

version

GetFileVersionInfoW
VerInstallFileA
VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
VerLanguageNameA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

263082db466f182894d74f0a88b0efb3

Headers

File Characteristics

Imports

kernel32

msvcrt

comctl32

oleaut32

advapi32

user32

gdi32

shell32

ole32

version

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 109KB - Virtual size: 108KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 109KB - Virtual size: 108KB