3966cf5fe2352be98fc6670f77092c4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3966cf5fe2352be98fc6670f77092c4f_JaffaCakes118
Size

208KB
MD5

3966cf5fe2352be98fc6670f77092c4f
SHA1

54b49a45c6a5d57adb5e63eeb97e72463102856c
SHA256

d77a7b2e4ce9cfa8fb38349f47980870046ac9a2474e23696352f6f46febcf5c
SHA512

68903ab3ec789b928f7d31242a494b5e33dd0405118b4155f43eb3e9e6aa6c8e0371628cd768196f8151a50e051564fb410a75e12b074cdc33faec60911eb962
SSDEEP

3072:0DPrP0+IfBxULK6ur4AKKV6AopNgyci0phK0jnboVDcu38Xi+1ffsvasp:Wz0+uAKz4AKKSYg0jU9cOI3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3966cf5fe2352be98fc6670f77092c4f_JaffaCakes118

Files

3966cf5fe2352be98fc6670f77092c4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9331c17c0d1c14d21a87f1af269f001

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateFileMappingW
GetTimeFormatA
GetVersionExA
MultiByteToWideChar
GetEnvironmentVariableA
lstrcpyW
ExpandEnvironmentStringsW
GetAtomNameW
GetVolumeInformationW
GetModuleHandleA
SystemTimeToFileTime
EnumTimeFormatsA
RemoveDirectoryA
DosDateTimeToFileTime
SearchPathA
GlobalDeleteAtom
CreateMailslotW
SetLocaleInfoA
GetAtomNameA
GetSystemDirectoryA
GetNumberFormatW
GetWindowsDirectoryW
OpenFile
GetFullPathNameA
CreateDirectoryW
GlobalGetAtomNameA
EnumTimeFormatsW
GetNamedPipeInfo

user32

InsertMenuA
CreateWindowExA
LoadMenuA
DeleteMenu
CreateDesktopW
wvsprintfW
ChildWindowFromPoint
LoadIconA
GetClassInfoA
GetDCEx
CreateAcceleratorTableA
GetCapture
IsChild
FindWindowA
PostMessageA
GetCapture
CreateDesktopA
EnableWindow
SendMessageA

gdi32

GetGlyphOutlineW
RemoveFontMemResourceEx
CreatePalette
SwapBuffers
PathToRegion
GetROP2
GetDIBits
GetObjectW
CreateColorSpaceW
GetDCBrushColor
CreateSolidBrush
GetPath
GetEnhMetaFilePixelFormat
GetTextCharset
AddFontResourceA
CreateDCW
CopyEnhMetaFileW
GetTextColor

advapi32

RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW

shlwapi

PathCompactPathA
PathBuildRootW
PathBuildRootA
HashData
SHRegSetUSValueW
PathGetCharTypeA
ColorAdjustLuma
AssocQueryStringA
PathGetCharTypeW
StrRStrIW
PathFindOnPathW
PathIsSystemFolderA
UrlHashW
ColorRGBToHLS
StrCSpnA
PathIsDirectoryA
PathRemoveExtensionA

comctl32

FlatSB_GetScrollRange
ImageList_GetFlags
ImageList_SetFlags
MakeDragList
ImageList_BeginDrag
DrawStatusText
CreateMRUListW

wsock32

setsockopt

Sections

.dIMPb
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.F
Size: 2KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.n
Size: 3KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zEH
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.arasaw
Size: 5KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9331c17c0d1c14d21a87f1af269f001

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

wsock32

Sections

.dIMPb Size: 10KB - Virtual size: 10KB

.F Size: 2KB - Virtual size: 201KB

.n Size: 3KB - Virtual size: 30KB

.zEH Size: 13KB - Virtual size: 13KB

.arasaw Size: 5KB - Virtual size: 114KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 770B

.dIMPb
Size: 10KB - Virtual size: 10KB

.F
Size: 2KB - Virtual size: 201KB

.n
Size: 3KB - Virtual size: 30KB

.zEH
Size: 13KB - Virtual size: 13KB

.arasaw
Size: 5KB - Virtual size: 114KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 770B