38d68a48a027a10bb9cdc63afdd97d42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38d68a48a027a10bb9cdc63afdd97d42_JaffaCakes118
Size

300KB
MD5

38d68a48a027a10bb9cdc63afdd97d42
SHA1

b460b2d91d050d28d53bd027231e56a01504188c
SHA256

a5b86e911189188ea4194cc661a7d8644a8da5ac858daac858f4be1a3dab1a6d
SHA512

4728acaf102ef7fa3f592ab0236d7c2bffc9eb37fb06b6022fae0ea6c19cba902e4f98ca6d4ad1f1ea423ef258795d96717690da3f1ef8e0c3d4f226b0a33bfe
SSDEEP

3072:fOxZmaXpWhhzqY5+RoOj4wj0Lw3iKpazflhhH89XlgOTc5wNDTkKe+:fC0hzyzkXwBpaRhOBTcana+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d68a48a027a10bb9cdc63afdd97d42_JaffaCakes118

Files

38d68a48a027a10bb9cdc63afdd97d42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9929924fbb07aa48e096644762f2be64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

ole32

CoUninitialize
CoResumeClassObjects
CoRevokeClassObject
CoCreateInstance
CoInitialize
OleInitialize
OleUninitialize
CoRegisterClassObject

msvcrt

_itow
_ltow
_ultow
wcstol
__getmainargs
__p__commode
__p__fmode
??2@YAPAXI@Z
??3@YAXPAX@Z
_msize
free
malloc
realloc
_XcptFilter
_onexit
__dllonexit
__set_app_type
_except_handler3
_initterm
exit
_exit
_beginthreadex
_snwprintf
_wcsupr
memcpy
memmove
memset
__setusermatherr
_controlfp
_acmdln
_adjust_fdiv

user32

SetTimer
KillTimer
PostMessageW
CharUpperBuffW
wsprintfW
RegisterClipboardFormatW
SendMessageW
IsWindow
SetWindowTextW
IsWindowVisible
SendInput
GetForegroundWindow
ShowWindow
GetDesktopWindow
SetWindowLongW
DestroyWindow
DestroyCursor
PostThreadMessageW
CreateWindowExW
LoadIconW
LoadImageW
GetDlgItem
SetForegroundWindow
DialogBoxParamW
EndDialog
GetLastActivePopup
CreateDialogParamW
FindWindowW
ExitWindowsEx
MessageBoxW
LockWorkStation

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW

shlwapi

PathFindExtensionW
StrCmpIW
PathCommonPrefixW
PathFindFileNameW
PathAppendW
PathIsDirectoryW

kernel32

GetSystemTimeAsFileTime
LoadLibraryA
GetStartupInfoA
SleepEx
WaitForSingleObject
GetTickCount
GetCurrentThreadId
TlsGetValue
InterlockedExchange
LocalFree
LocalAlloc
lstrlenW
VirtualAlloc
VirtualFree
CloseHandle
TlsSetValue
MultiByteToWideChar
FreeLibrary
SetErrorMode
GetWindowsDirectoryW
GetProcAddress
LoadLibraryW
GetVersionExW
GetModuleFileNameW
GetModuleHandleA
GetFileAttributesW
lstrcpyW
SetThreadPriority
GetCurrentProcess
GetModuleHandleW
CreateMutexW
GetEnvironmentVariableW
CreateFileW
GetFileSize
SetFilePointer
WriteFile
HeapDestroy
HeapCreate
GetSystemInfo
TlsAlloc
GetLongPathNameW
TlsFree
TerminateThread
RaiseException
SetEndOfFile
GetExitCodeThread
CopyFileW
FormatMessageA
FlushInstructionCache
OutputDebugStringW
SetSystemPowerState

ntdll

RtlGetLastWin32Error
RtlFreeHeap
RtlAllocateHeap
RtlSizeHeap
RtlReAllocateHeap

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.newID
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9929924fbb07aa48e096644762f2be64

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

ole32

msvcrt

user32

advapi32

shlwapi

kernel32

ntdll

Sections

.text Size: 23KB - Virtual size: 24KB

.rdata Size: 9KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 964KB

.rsrc Size: 252KB - Virtual size: 252KB

.newID Size: 4KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 24KB

.rdata
Size: 9KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 964KB

.rsrc
Size: 252KB - Virtual size: 252KB

.newID
Size: 4KB - Virtual size: 4KB