3c4bce74a23356df89f375f655806196_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c4bce74a23356df89f375f655806196_JaffaCakes118
Size

181KB
MD5

3c4bce74a23356df89f375f655806196
SHA1

e44ba8e38a9174ab7be0fd8c0634abd5abdc40bf
SHA256

abf1f836ba60800162030a783537a7cf57cd572f9b9e81cc8b6aa2cc4e358531
SHA512

27e2617d30193b64326f336b0df8336a6e9d65cc527b73e038f8b0a15e8c86d55b8b54b91d3ebc305d7f26ccf82d7d3aa9382ddaef8096d44b859759f596eb72
SSDEEP

3072:dzXG8tXbrTHxAICsWkt+OTBF0YxC1up+JPv5R99YgF99NOAbaXAn:FLXbrEsWcfBFiup+Z9YWvVbaI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4bce74a23356df89f375f655806196_JaffaCakes118

Files

3c4bce74a23356df89f375f655806196_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7402454d4a68e9d56966937869f1364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FrameRect
EnableScrollBar
IsWindowVisible
DefFrameProcA
GetDlgItem
GetSysColor
GetSubMenu
DrawTextA
GetParent
GetMenuItemCount
SetWindowTextA
GetMenu
GetDesktopWindow
EnableMenuItem
SetTimer
GetClassInfoA
GetActiveWindow
GetMenuState
GetClientRect
DefWindowProcA
GetScrollPos
SystemParametersInfoA
GetDC
CreateWindowExA
DeferWindowPos
SetWindowPos
EndDeferWindowPos
GetKeyNameTextA
CallNextHookEx
BeginPaint
CreateMenu
GetScrollInfo
GetLastActivePopup
GetWindow
CharLowerA
EqualRect
GetPropA
ClientToScreen
DefMDIChildProcA
RegisterClassA
DispatchMessageA
EndPaint
CharNextA
GetClipboardData
GetSysColorBrush
SetWindowLongA
TrackPopupMenu
GetWindowTextA
DrawFrameControl
CharLowerBuffA
DrawEdge
FillRect
IsWindowEnabled
HideCaret
DispatchMessageW
CheckMenuItem
GetClassLongA
EnumChildWindows
GetCapture
ShowWindow
SetCursor
CreateIcon
DrawIconEx
GetKeyState
GetCursor
GetMenuStringA
CreatePopupMenu
IsDialogMessageA
DrawMenuBar
EnumThreadWindows
DrawIcon
GetMenuItemID
CallWindowProcA
GetFocus
GetDCEx
GetMessagePos
GetScrollRange
FindWindowA
GetMenuItemInfoA
IsMenu
ShowScrollBar
EnumWindows

comctl32

ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Draw
ImageList_Write
ImageList_Create
ImageList_Destroy
ImageList_GetBkColor
ImageList_Remove
ImageList_Read
ImageList_Add

kernel32

SetLastError
Sleep
GetFileType
HeapDestroy
GetProcessHeap
VirtualAllocEx
HeapFree
GetLocalTime
ExitProcess
lstrcpynA
SetEvent
GlobalAlloc
GetStartupInfoA
GetOEMCP
GetThreadLocale
ReadFile
FreeResource
HeapAlloc
WriteFile
GetCurrentProcess
lstrcmpA
EnumCalendarInfoA
ExitThread
SetFilePointer
lstrlenA
GetStdHandle
GetStringTypeA
GlobalFindAtomA
SizeofResource
FindClose
FindResourceA
GetFileSize
GetFullPathNameA
GetVersionExA
GetModuleFileNameA
CompareStringA
LocalReAlloc
GetACP
GetCPInfo
WideCharToMultiByte
RaiseException
WaitForSingleObject
VirtualAlloc
GetEnvironmentStrings
lstrcatA
GetCommandLineA
GlobalDeleteAtom
LoadLibraryExA
CreateThread
GetDiskFreeSpaceA
CreateEventA
GetCurrentThreadId
VirtualFree
GetUserDefaultLCID
FormatMessageA
GetSystemDefaultLangID
VirtualQuery
InitializeCriticalSection
FindFirstFileA
SetThreadLocale
ResetEvent
MulDiv
LoadLibraryA
CreateFileA
MoveFileA
DeleteCriticalSection
GetCurrentThread
GetCurrentProcessId
DeleteFileA
MoveFileExA
lstrcpyA
LocalAlloc
GetLocaleInfoA
SetErrorMode
SetEndOfFile
LocalFree
lstrcmpiA
GetFileAttributesA
GetProcAddress
GetDateFormatA
LoadResource
FreeLibrary
LockResource
CloseHandle
GetModuleHandleA

comdlg32

FindTextA
GetOpenFileNameA
GetSaveFileNameA

ole32

StgCreateDocfileOnILockBytes
PropVariantClear
StringFromIID
CoRegisterClassObject
ReleaseStgMedium

oleaut32

SafeArrayUnaccessData
OleLoadPicture
VariantChangeType
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetElement
VariantCopyInd
SysFreeString
GetErrorInfo
RegisterTypeLib

ntdll

wcscat
NtWaitForSingleObject
atol

gdi32

SaveDC
GetDIBColorTable
CreatePalette
GetBitmapBits

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileA

msvcrt

sqrt
rand
sprintf
time
malloc
tolower
mbstowcs
srand
strlen
exit
wcscspn
_acmdln
memcpy
wcsncmp
atol
memset
clock
memmove

advapi32

RegQueryValueA
RegOpenKeyExA

shell32

DragQueryFileA

Sections

CODE
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7402454d4a68e9d56966937869f1364

Headers

File Characteristics

Imports

user32

comctl32

kernel32

comdlg32

ole32

oleaut32

ntdll

gdi32

version

msvcrt

advapi32

shell32

Sections

CODE Size: 51KB - Virtual size: 50KB

.edata Size: 118KB - Virtual size: 118KB

BSS Size: 7KB - Virtual size: 6KB

.tls Size: 1KB - Virtual size: 41KB

.rdata Size: 2KB - Virtual size: 1KB

CODE
Size: 51KB - Virtual size: 50KB

.edata
Size: 118KB - Virtual size: 118KB

BSS
Size: 7KB - Virtual size: 6KB

.tls
Size: 1KB - Virtual size: 41KB

.rdata
Size: 2KB - Virtual size: 1KB