3cb5bf0e2948e7e9c5a556c78f18d0ab_JaffaCakes118

General

Target

3cb5bf0e2948e7e9c5a556c78f18d0ab_JaffaCakes118
Size

67KB
MD5

3cb5bf0e2948e7e9c5a556c78f18d0ab
SHA1

3be11498b090aed0ae06a063cd043f1d49686fe3
SHA256

d7a4303f13bc3c3a963ac122756f786703fde35f99b825153bfbceeaa9617539
SHA512

bfea364d6a4d817b2f9fd0a2d6902eb393df550877ac1191342f7c38f5960fcfb27e2ac568b2542f71646f964e94feac0eaa1fa534aa91c3f7bcf86f6e8ed9b7
SSDEEP

1536:V4+jbfqc0WPU40wI6OWDyapP2JCcjEkT4a5kr2MwbOmY0cs7ZSy0:CofD0WMlDWDyaMUWEzHvwbDY0c0ZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb5bf0e2948e7e9c5a556c78f18d0ab_JaffaCakes118

Files

3cb5bf0e2948e7e9c5a556c78f18d0ab_JaffaCakes118
.exe regsvr32 windows:4 windows x86 arch:x86

3efd99b88a3a840c48973393d34da5b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetConsoleKeyboardLayoutNameW
WriteConsoleOutputCharacterW
LocalCompact
SetInformationJobObject
EnumSystemLocalesW
SetFileTime
FindVolumeClose
UnregisterWait
AddConsoleAliasA
GetDefaultCommConfigW
FlushFileBuffers
EnumResourceTypesW
SetStdHandle
lstrcmpiA
GetConsoleMode
FreeConsole
IsBadStringPtrA
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

CreateWindowStationA
UpdatePerUserSystemParameters
MapVirtualKeyA
SetRect
EditWndProc
SetMenuContextHelpId
RegisterWindowMessageA
WindowFromPoint
GetTopWindow
LoadCursorA
SetProcessDefaultLayout
MapDialogRect
ScrollWindow
IsCharUpperA
SetCursorPos
RemoveMenu

shell32

SHGetFileInfoW
RealShellExecuteA
ExtractIconEx
StrNCmpIA
StrRChrIA
PrintersGetCommand_RunDLLA
SHGetSpecialFolderPathW
SHGetNewLinkInfo
StrChrA
StrNCmpA
ShellAboutA

Exports

Exports

DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3efd99b88a3a840c48973393d34da5b6

Headers

File Characteristics

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 86KB

.data Size: 59KB - Virtual size: 63KB

.rsrc Size: 1024B - Virtual size: 4KB

.edata Size: 2KB - Virtual size: 6KB

.reloc Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 86KB

.data
Size: 59KB - Virtual size: 63KB

.rsrc
Size: 1024B - Virtual size: 4KB

.edata
Size: 2KB - Virtual size: 6KB

.reloc
Size: - Virtual size: 4KB