3bc0952b331b853dc6c7c3fe7817843d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3bc0952b331b853dc6c7c3fe7817843d_JaffaCakes118
Size

155KB
MD5

3bc0952b331b853dc6c7c3fe7817843d
SHA1

8bb3d5f7fede54098fb3269b76a7f1ac8cc8b694
SHA256

db3604c98ab6f1bb60aaeffd8ed192cfe65069c0037df73fa914ad405e18a856
SHA512

8b549910968e2b1d5775700b2d264a185b0a81a838c75a660966534a97c9c8babba0254c807325adf770c54fc3ae29f30b40fd4f3a444963fd427419a9e20077
SSDEEP

3072:t+r5P72fW5aU/UVt0SEs8LKyvxYyXksmdRbIsAcOqHmmTQeoz8vrGoGh2Z3QAX:+J7fgabnKuGdtNGTpzsacQi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bc0952b331b853dc6c7c3fe7817843d_JaffaCakes118

Files

3bc0952b331b853dc6c7c3fe7817843d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf7c830b007fff310368aff943a9b60e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
ExitProcess
GetCurrentThread
SizeofResource
GetLocalTime
VirtualQuery
GetTickCount
EnterCriticalSection
GetDiskFreeSpaceA
WideCharToMultiByte
GetModuleHandleA
FreeLibrary
Sleep
LoadLibraryExA
VirtualFree
lstrcatA
GetCurrentProcessId
GetStdHandle
SetLastError
ExitThread
VirtualAllocEx
GetVersion

oleaut32

SafeArrayUnaccessData

version

GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileA

user32

DispatchMessageA
DefMDIChildProcA
ShowWindow
GetCursor
GetMenuItemCount
EnumWindows
GetScrollInfo
DispatchMessageW
DrawIcon
GetCapture
FillRect
CharNextA
CharLowerA
GetMenu
GetClientRect
GetMenuItemID
EnableWindow
GetFocus
GetCursorPos
TrackPopupMenu
CharToOemA
GetSysColor
SystemParametersInfoA
GetScrollRange
GetWindowTextA

ole32

StgOpenStorage
CoCreateFreeThreadedMarshaler
CLSIDFromProgID
CoTaskMemFree
MkParseDisplayName

msvcrt

wcscspn
strcmp
rand
pow
wcsncmp
strlen
malloc
memmove
log10
sqrt
memcpy
log
calloc
atol
clock
abs
memcmp
tolower
exp

shlwapi

SHQueryValueExA
SHSetValueA
PathIsDirectoryA
SHGetValueA
SHDeleteKeyA
SHEnumValueA
SHQueryInfoKeyA
PathGetCharTypeA
SHStrDupA
SHDeleteValueA

gdi32

GetPaletteEntries

Sections

CODE
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 791B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bf7c830b007fff310368aff943a9b60e

Headers

File Characteristics

Imports

kernel32

oleaut32

version

user32

ole32

msvcrt

shlwapi

gdi32

Sections

CODE Size: 35KB - Virtual size: 35KB

INIT Size: 114KB - Virtual size: 114KB

.rdata Size: 2KB - Virtual size: 97KB

.init Size: 512B - Virtual size: 373B

.idata Size: 1024B - Virtual size: 791B

CODE
Size: 35KB - Virtual size: 35KB

INIT
Size: 114KB - Virtual size: 114KB

.rdata
Size: 2KB - Virtual size: 97KB

.init
Size: 512B - Virtual size: 373B

.idata
Size: 1024B - Virtual size: 791B