3c5dbafdf4fea61bac788845f09415a5_JaffaCakes118

General

Target

3c5dbafdf4fea61bac788845f09415a5_JaffaCakes118
Size

199KB
MD5

3c5dbafdf4fea61bac788845f09415a5
SHA1

0fcbaebaa7693f29359e8db98b51a5942982c386
SHA256

65922450f6109f8e8179a18f5939c1c319bbcf92c01cc8b4fe7f846f7e57bce6
SHA512

b0e3ff631a9e38287f61df535ecec50a1a2d023454fd12df1b363f53a8019e33bf63d2f6f25fb6477c25a343517c5f5894ba17aaf0dfdad0f50179dbcedac214
SSDEEP

6144:3XiHL/vAT+yWfRQ4lWqDsxWqQCFIPTsEOFDK:2vU+yWfCoWqDsx40I7oe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c5dbafdf4fea61bac788845f09415a5_JaffaCakes118

Files

3c5dbafdf4fea61bac788845f09415a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

079110c4bf02c0db8ca1acdc1ba32fde

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
MulDiv
GetStringTypeA
LoadLibraryA
SetEvent
SetStdHandle
HeapSize
DeleteFileW
VirtualAlloc
GetConsoleMode
CreateDirectoryW
GetOEMCP
CloseHandle
WideCharToMultiByte
GetProcAddress
GetCurrentDirectoryW
GetConsoleCP
FreeEnvironmentStringsW
lstrcatW
TlsSetValue
InterlockedIncrement
SetUnhandledExceptionFilter
lstrlenW
GetSystemInfo

user32

GetDlgItemTextW
DestroyCursor
SetDlgItemInt
LoadStringW
AppendMenuW
LoadCursorW
TranslateMessage
GetMenuItemID
DeferWindowPos
CheckMenuItem
CreateDialogParamW
DrawIcon
WindowFromPoint
GetClientRect
GetMessageA
DispatchMessageA

gdi32

CreateCompatibleDC
SetROP2
GetPixel
Rectangle
GetStockObject
CreateFontW
DeleteObject
OffsetWindowOrgEx
CreatePatternBrush
EnumFontFamiliesExW
MoveToEx

comdlg32

GetOpenFileNameW
PrintDlgW
GetSaveFileNameW
ChooseColorW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

079110c4bf02c0db8ca1acdc1ba32fde

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 176KB - Virtual size: 176KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 690B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 176KB - Virtual size: 176KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 690B