3ba7e671e84e882277bbeb7b7b70f243_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ba7e671e84e882277bbeb7b7b70f243_JaffaCakes118
Size

316KB
MD5

3ba7e671e84e882277bbeb7b7b70f243
SHA1

ba0abb38170178910882ffbb0b10316157c085d5
SHA256

ef63f87e83982eb9e6ee83425a655f11bcd01297e6f4f1e4f2071633d44cb032
SHA512

a6bf8afaf10f2158ab8f0cd826599cbb921bf96949e407b58e2fbfea2dfe9fab4f5b878ef222e94f7eed894f41c3d7d15562e0b1e48d28c08cb0eefca10d3cfe
SSDEEP

6144:jEFS5cW3gY/Ij5OGICA8+DmsCXqNvfcneW9t+QxakKtQn4VbDOGF:j+Sb7aDVT+DYSv0+o9S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba7e671e84e882277bbeb7b7b70f243_JaffaCakes118

Files

3ba7e671e84e882277bbeb7b7b70f243_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec0d7c1e8233906ce57ee7294ebcec5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootA
PathCanonicalizeW
StrToIntExW

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA

kernel32

GetProcessHeap
GetTempPathW
CreateMutexW
CreateFileMappingW
OutputDebugStringW
MoveFileExA
CreateProcessW
VirtualQueryEx
InitializeCriticalSection
EnumResourceNamesW
GetTimeFormatA
ExitProcess
GetVolumeInformationW
SetFileAttributesA
SuspendThread
CreateFileA
GetPrivateProfileSectionA
LocalFileTimeToFileTime
_lclose
GetExitCodeThread
LocalUnlock
CopyFileW
LocalAlloc
GlobalAddAtomW
GetQueuedCompletionStatus
LoadLibraryExA
SetFilePointerEx
SetThreadExecutionState
LoadLibraryA
SearchPathA
GetLongPathNameW
DeleteTimerQueueEx
SetFilePointer
ReleaseSemaphore
IsDebuggerPresent
SetProcessWorkingSetSize
FindFirstFileA
ResetEvent
GetPriorityClass
Beep
CreateDirectoryA
GetProcessTimes
CreateMutexA
TransactNamedPipe
GetThreadLocale
IsProcessorFeaturePresent
GetTempPathA
SetThreadPriority
GetFileSizeEx
QueueUserWorkItem
GetExitCodeProcess
FormatMessageW
FindFirstFileW
VirtualAlloc
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
GetVersion
GetCommandLineA
GetStartupInfoA
GetEnvironmentVariableW
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
FreeEnvironmentStringsA
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW

comctl32

ImageList_AddMasked
ImageList_GetBkColor

gdi32

GetSystemPaletteEntries
PlayEnhMetaFile

shell32

SHAppBarMessage
SHBrowseForFolderA
Shell_NotifyIconA

oleaut32

SysStringLen

ole32

CreateDataAdviseHolder
CoIsOle1Class
OleRun
StringFromCLSID

advapi32

GetUserNameA
LookupPrivilegeValueA
RegCreateKeyExA
CryptCreateHash
OpenThreadToken
CryptVerifySignatureW
RegOpenKeyExA

user32

GetMenu
ValidateRgn
CheckRadioButton
EmptyClipboard
DestroyCaret
LoadStringA
DdeUnaccessData
GetMessageA
CopyImage
CharToOemBuffA
DialogBoxIndirectParamW
CreateMenu
LoadAcceleratorsA
GetKeyboardState
GetForegroundWindow
MonitorFromWindow
InvalidateRect
DestroyMenu
GetMonitorInfoW
RedrawWindow
GetInputState
ReleaseCapture
IsDialogMessageW
LoadBitmapW
CharUpperBuffA
GetClientRect
DestroyIcon
LoadBitmapA
VkKeyScanW
OffsetRect
CreateIconIndirect
AppendMenuW
GetWindowTextLengthW
LoadCursorW
SendDlgItemMessageA
ActivateKeyboardLayout
GetWindowLongW
GetWindowWord
DefWindowProcW
ChildWindowFromPoint
SendMessageW
VkKeyScanA
ValidateRect
InflateRect
GetNextDlgGroupItem
GetSystemMetrics
DeferWindowPos
IsZoomed
GetClassInfoExW
TrackMouseEvent
AdjustWindowRect
DestroyAcceleratorTable
SetDlgItemInt

version

VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA

Sections

.text
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec0d7c1e8233906ce57ee7294ebcec5b

Headers

File Characteristics

Imports

shlwapi

comdlg32

kernel32

comctl32

gdi32

shell32

oleaut32

ole32

advapi32

user32

version

Sections

.text Size: 268KB - Virtual size: 264KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 268KB - Virtual size: 264KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 2KB