3739572d3024953f2741dfefd541e830_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3739572d3024953f2741dfefd541e830_JaffaCakes118
Size

161KB
MD5

3739572d3024953f2741dfefd541e830
SHA1

007f8c3ed96a170452853c13047e4e454e7b5561
SHA256

f15a98936e599efbddd87df66fa6565be368dc7e8a4f7c6779f1b972df883ff2
SHA512

322424c83e6c55cb544f2ae098271b706f53c665a7ab5ac9bb9e55035371adc6e01c5bf80867a01babe4330241e2cd9f73ffd40560fc9fe78a267ecf110e877a
SSDEEP

3072:pGadfMEhvwVcEy4p6VphnQtTBxy1lIuOAcfC+QpDlyjI1cfnVA4e:7dkcjEypQVal5OAYepJiNVA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3739572d3024953f2741dfefd541e830_JaffaCakes118

Files

3739572d3024953f2741dfefd541e830_JaffaCakes118
.exe windows:1 windows x86 arch:x86

400d335833e1ad611fbc351416eb6253

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
GetOEMCP
WaitForMultipleObjects
CreateToolhelp32Snapshot
GetComputerNameW
GlobalMemoryStatus
SizeofResource
DuplicateHandle
IsBadStringPtrA
FindFirstFileA
GetLastError
GetProcessWorkingSetSize
SetEnvironmentVariableA
InterlockedDecrement
GetNumberFormatA
SetUnhandledExceptionFilter
TlsGetValue
ExitThread
GetSystemTimeAsFileTime
HeapFree
WriteFile
LockResource
lstrcmpiA
ReadFile
GetLocaleInfoW
GetFileTime
GlobalAddAtomA

gdi32

CreateDIBSection
GetTextMetricsA
CreateCompatibleBitmap
SelectClipRgn
GetBkColor
Polyline
SetTextColor
StartDocA
SetROP2
RestoreDC
GetTextExtentPoint32A
SaveDC
MoveToEx
CreateCompatibleDC

msvcrt

_mbsnset
_ismbckata
exit
_tell
_inp
_mbsncoll
puts
log10
_telli64
__p__fmode
_ismbbalnum
modf
_XcptFilter
mbtowc
__set_app_type
_wpgmptr
_mbsstr
_initterm
_wchdir
iswpunct
_adj_fpatan
_exit
_wstrdate
_mbsrev
_acmdln
__p__commode
_mbsinc
_wcslwr
getenv
memcpy
strtod
_controlfp
_wctime
__getmainargs
_except_handler3
sqrt
_adjust_fdiv
__setusermatherr
_putenv
_adj_fdivr_m64
_strlwr
_ismbcl2
_fileinfo

user32

LoadIconA
PeekMessageA
SetWindowPos
ScreenToClient
KillTimer
SetClassLongA
GetWindowPlacement
ScrollWindowEx
IntersectRect
GetDoubleClickTime
PostQuitMessage
DefFrameProcA
EnumWindows
TranslateAcceleratorA
LoadAcceleratorsA
GetWindowThreadProcessId
ShowWindowAsync
GetClientRect
DispatchMessageA
BeginPaint
AppendMenuA
DrawEdge
GetKeyState
WindowFromPoint

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

400d335833e1ad611fbc351416eb6253

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

msvcrt

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 184KB

.rsrc Size: 126KB - Virtual size: 125KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 184KB

.rsrc
Size: 126KB - Virtual size: 125KB