3c8c610abbea5a1920631811b7da5273_JaffaCakes118

General

Target

3c8c610abbea5a1920631811b7da5273_JaffaCakes118
Size

80KB
MD5

3c8c610abbea5a1920631811b7da5273
SHA1

cee36fee545d077000e8f5e572604d99749e0280
SHA256

ea8efe766c83a79c67d605c0a591f0ef212d9b9cd5d7c8b1ed7a499a8051d1c5
SHA512

6eefd28c65f4ea442807b64d59b912982d73d53a2f8ca755374b90a111ae27f010de0de5e6456f06d2d75899987bf15930e866c9b1a6f261301aadd266c00e9b
SSDEEP

1536:dxNx1Tht3jVKCllhAtbczpnItq7y6ka/+5pdAnUsWjRZemtRV4+fi:tThVjjHqq+tIy6p/+y6lZ4+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c8c610abbea5a1920631811b7da5273_JaffaCakes118

Files

3c8c610abbea5a1920631811b7da5273_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec37a669e571e8db665dc40202918d2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetLocalTime
SetEvent
CreateWaitableTimerW
DuplicateHandle
GetSystemTime
LockResource
GetLogicalDrives
CloseHandle
VirtualFree
WaitForMultipleObjects
DeleteFileW
CreateEventW
ResetEvent
VirtualAlloc
SetWaitableTimer
FindResourceW
SetThreadPriority
FreeResource
MoveFileW
QueryDosDeviceW
lstrlenW
GetPrivateProfileStringW
FindFirstChangeNotificationW
ReadProcessMemory
FindClose
TerminateThread
LoadLibraryA
CreateProcessW

user32

GetCursorPos
MessageBoxW
IsDlgButtonChecked
DispatchMessageW
DialogBoxParamW
PostMessageW
RegisterClassExW
GetWindowTextW
GetClassNameW
SetCapture
DefWindowProcW
GetWindowRect
PostQuitMessage
SystemParametersInfoW
LoadIconW
ReleaseCapture
GetMessageW
FillRect
SetForegroundWindow

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetMapMode
GetObjectW
CreatePen
GetClipBox
GetDeviceCaps

advapi32

RegNotifyChangeKeyValue
StartServiceW
RegDeleteValueW
LookupAccountSidW

Sections

.unkltd
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qmstl
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iofj
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec37a669e571e8db665dc40202918d2c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.unkltd Size: 68KB - Virtual size: 67KB

.qmstl Size: 4KB - Virtual size: 1KB

.iofj Size: 4KB - Virtual size: 22KB

.unkltd
Size: 68KB - Virtual size: 67KB

.qmstl
Size: 4KB - Virtual size: 1KB

.iofj
Size: 4KB - Virtual size: 22KB