3a12b295263354d80574b129686f6b14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a12b295263354d80574b129686f6b14_JaffaCakes118
Size

142KB
MD5

3a12b295263354d80574b129686f6b14
SHA1

fe0b9fb3658a8bf1aae350726c235db110d45e40
SHA256

73d39bf681d68d6f1168c8ccd3021c95054f7d1255bb5dc45f790e08e852ad70
SHA512

9393f5b4039dd5712bfe61bbbc8c52c290aac80f98fda5889a1be77ad3a687ba3bb46f96e014d3c1eeb3f514828fa5bc1c1d3c9dc35f943a4b494379e0f5dc57
SSDEEP

3072:g6PBmsrVg0ya7PPbgfPDYMRPJIBGHfvubjf:nUggYqPDYMlvG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a12b295263354d80574b129686f6b14_JaffaCakes118

Files

3a12b295263354d80574b129686f6b14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77c559b6d76646adb9d9356cca3cbaa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
IsDebuggerPresent
ExitProcess
GetCommandLineW
VirtualFree
InterlockedExchange
GetOEMCP
GetStartupInfoA
GetModuleHandleA
GetSystemInfo

msvcrt

log
rand
__set_app_type
__setusermatherr
sqrt
_initterm
_XcptFilter
_exit
_chmod
_adjust_fdiv
ungetc
_acmdln
_lseek
_except_handler3
exit
__p__fmode
__p__commode
__getmainargs

user32

CreateWindowExA
IsChild
SetWindowPlacement
BeginPaint
EnumWindows
DestroyWindow
GetCursorPos
ShowCursor
GetScrollRange

ole32

IIDFromString
RegisterDragDrop
IsEqualGUID
CoFreeUnusedLibraries
CLSIDFromString
CoInitializeEx
CoGetMalloc
OleGetClipboard
CoGetClassObject

oleaut32

SafeArrayRedim
SysStringByteLen
VariantCopy
SetErrorInfo
CreateErrorInfo
SysAllocStringByteLen
VariantCopyInd
SafeArrayPutElement
SafeArrayUnaccessData

advapi32

OpenThreadToken
RegSetValueExW
OpenProcessToken
AllocateAndInitializeSid
RegDeleteKeyW
FreeSid
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW

version

GetFileVersionInfoSizeA
VerFindFileW
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeW

gdi32

GetNearestColor
CreateRectRgn
StartPage
IntersectClipRect
CreatePenIndirect
RealizePalette
ExtCreatePen

comctl32

ImageList_Write
ImageList_DrawEx
DestroyPropertySheetPage

shell32

CommandLineToArgvW
SHGetPathFromIDList
SHBrowseForFolderW
SHGetFolderLocation
SHGetSpecialFolderLocation

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77c559b6d76646adb9d9356cca3cbaa1

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

oleaut32

advapi32

version

gdi32

comctl32

shell32

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 29KB - Virtual size: 29KB