3cb821c8e38587cf1ae4623c516d43d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cb821c8e38587cf1ae4623c516d43d9_JaffaCakes118
Size

197KB
MD5

3cb821c8e38587cf1ae4623c516d43d9
SHA1

141e3026bc9d6500ba26a7bc911fa895eae085b9
SHA256

e18e844a4d01cdc6fab813b841a2f3e8f2ec4c14383274ab0f4e16934f436f37
SHA512

95edef2acd038baeec1fcb5dbef8e4c632112f4a8f6c132255ea3a8a88bcd80a048d413828a0a6748964638b2515ef9bbe8d06a17ef0d93c7e0b8ea8d2f141d8
SSDEEP

3072:483wDEXR8gR8n92mypss45TK92M/DfQjGsXP96/ui1cJVu9mJbnS88:t5B8gR8ngwsDLDfOhXP96miFmJb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb821c8e38587cf1ae4623c516d43d9_JaffaCakes118

Files

3cb821c8e38587cf1ae4623c516d43d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a89ab7ac0cc80c809f52d9a5ab42b8fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
FindResourceA
LocalAlloc
ExitProcess
GetProcAddress
GetThreadLocale
GetVersionExA
VirtualFree
Sleep
FreeLibrary
LocalFree
GetLastError
LoadLibraryA
GetFullPathNameA
GetModuleHandleA
lstrcmpA
VirtualAlloc

user32

DispatchMessageA
GetSystemMetrics
GetScrollPos
GetKeyboardType
GetForegroundWindow
EnumThreadWindows
GetWindowRect
IsWindowVisible
LoadCursorA
PeekMessageA
SendMessageA
ReleaseCapture
LoadKeyboardLayoutA
EnumWindows
GetWindowLongW
EnableWindow
GetPropA
GetMenuState
SetWindowPlacement
RemoveMenu
GetMessagePos
IsZoomed
FindWindowA
ShowWindow
SetParent
PtInRect
CheckMenuItem
DefFrameProcA
FrameRect
CharToOemA
GetClassLongA
IsRectEmpty
SetWindowTextA
GetWindow
SetClassLongA
SetWindowPos
DrawEdge
DestroyMenu
KillTimer
CharLowerA
MoveWindow
GetSubMenu
GetWindowThreadProcessId
SetClipboardData
ActivateKeyboardLayout
EnumChildWindows
GetWindowDC
CreateMenu
GetIconInfo
DrawFrameControl
SetCursor
WindowFromPoint
DrawAnimatedRects
LoadIconA
IsDialogMessageW
OemToCharA
FillRect
TranslateMDISysAccel
wsprintfA
RegisterWindowMessageA
SetMenuItemInfoA
CallNextHookEx
GetClassNameA
TranslateMessage
PostQuitMessage
SystemParametersInfoA
GetDlgItem
PeekMessageW
CloseClipboard
ReleaseDC
UnhookWindowsHookEx
CreatePopupMenu
OpenClipboard
ChildWindowFromPoint
CharLowerBuffA
RedrawWindow
RemovePropA
GetSysColorBrush
RegisterClassA
ScrollWindow
GetTopWindow
GetActiveWindow
GetCapture
DestroyCursor
SetWindowLongW
GetCursor
IsWindowUnicode
GetClipboardData
SetWindowLongA
InsertMenuA
ShowScrollBar
CharUpperBuffA
SetCapture
GetKeyState
UnregisterClassA
GetMenu
GetWindowPlacement
GetKeyboardLayoutList
CreateIcon
SendMessageW
GetMenuStringA
EnableScrollBar
DefWindowProcA
GetParent
GetClientRect
SetFocus
IsChild
SetTimer
GetDC
IsWindow
DrawMenuBar
GetFocus
EmptyClipboard
GetSystemMenu
InvalidateRect
CharNextW
SetActiveWindow
DeleteMenu
IntersectRect
SetWindowsHookExA
TrackPopupMenu
EnableMenuItem
SetScrollInfo
ShowOwnedPopups
CreateWindowExA

Sections

CODE
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a89ab7ac0cc80c809f52d9a5ab42b8fe

Headers

File Characteristics

Imports

kernel32

user32

Sections

CODE Size: 43KB - Virtual size: 42KB

.rdata Size: 140KB - Virtual size: 247KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

CODE
Size: 43KB - Virtual size: 42KB

.rdata
Size: 140KB - Virtual size: 247KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB