3b602bd834c5002c6f38264e1e2d46ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b602bd834c5002c6f38264e1e2d46ea_JaffaCakes118
Size

65KB
MD5

3b602bd834c5002c6f38264e1e2d46ea
SHA1

02b70bafa0716c36e413742801f79d3b2cde2e8f
SHA256

b34756a9636100a73db852b44fdd814c67134347eeea93dca0bec3ea0de37a2b
SHA512

65e3effcad3f8283c90fa0e34b197220e51f46a773a7b323aa3d3c0d855d7228e3a97dd3db7bcf019ced491b22aca941c586a45abf10384dd252fe3cac87a87a
SSDEEP

1536:kqAUBB3qX4xq19z7e6CsVTGpUn+brsnnnnnnnnnnnnnnnnnnnnWc:kgb344xq1h7hGp/Rc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b602bd834c5002c6f38264e1e2d46ea_JaffaCakes118

Files

3b602bd834c5002c6f38264e1e2d46ea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

32c0263b1b23932ba814b7b3046cb7d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
UnregisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
RegisterClassExA

comdlg32

GetOpenFileNameW
ChooseColorA

shell32

DragQueryFileW
SHAppBarMessage
SHGetSpecialFolderPathA

kernel32

HeapReAlloc
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
GetStringTypeW
HeapAlloc
GetEnvironmentStringsW
HeapSize
RtlUnwind
Sleep
HeapFree
GetModuleHandleW
GlobalWire
VirtualAlloc
TerminateJobObject
GetTapeStatus
DosDateTimeToFileTime
OpenFileMappingA
EnumSystemLocalesA
GetVersionExA
SetCalendarInfoW
GetBinaryTypeW
FlushConsoleInputBuffer
ReleaseSemaphore
LockResource
FindNextVolumeA
GlobalMemoryStatusEx
FindFirstChangeNotificationA
GetModuleHandleA
DeviceIoControl
GetStringTypeExA
GetCompressedFileSizeW
MoveFileA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32c0263b1b23932ba814b7b3046cb7d0

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 2KB - Virtual size: 2KB