3cdc83882f9a8f1149b0ab63e1e17322_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cdc83882f9a8f1149b0ab63e1e17322_JaffaCakes118
Size

89KB
MD5

3cdc83882f9a8f1149b0ab63e1e17322
SHA1

1dd943b90f5fb12be210569a8e202a870bea23b4
SHA256

f50d0c1437c910dac2780bda0247f19321873d532f3a4c8515a6ac8ca4a5af66
SHA512

5772a050b797fcd8441e8d7a3c0d6282f5fbe7ca2839fb826e893a6199ece2e3965c278cb130c1de5930d39721775f91b68d9fb1ab2017702a7c9c697eb7db0a
SSDEEP

1536:NbHqkNVj9qPt6Cfytj9rdEumBeH5pxF48QPDvS2l4V5hczE+Ai738lGOmZTe:Nekrqt6AMQ1B+Xz4DvS2l43WzE+AAdOh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cdc83882f9a8f1149b0ab63e1e17322_JaffaCakes118

Files

3cdc83882f9a8f1149b0ab63e1e17322_JaffaCakes118
.exe windows:5 windows x86 arch:x86

822ed8dbdd32b3ee4080310ac8b9b5f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
signal
fflush
_initterm
__dllonexit
__set_app_type
__p__fmode
_setmode
_snprintf
_XcptFilter
fputc
strstr
__setusermatherr
_except_handler3
fopen
free
_exit
__p___initenv
_write
atexit
calloc
__getmainargs
_adjust_fdiv
__p__commode

kernel32

GetLastError
GetCommandLineW
VirtualProtectEx
GetProcAddress
GetSystemTime
MulDiv
GetOEMCP
GetVersionExA
GetProcessHeap
FreeEnvironmentStringsA
LocalFree
FormatMessageA
IsBadWritePtr
GetModuleHandleW
CreateProcessA

ole32

IIDFromString
StgOpenStorageOnILockBytes
IsAccelerator
CoGetMalloc
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc
CoLoadLibrary
ReleaseStgMedium
StringFromGUID2
RevokeDragDrop
CoGetInterfaceAndReleaseStream
ProgIDFromCLSID
DoDragDrop
CLSIDFromString
StringFromIID

user32

GetPropA
GetSysColor
CreateMenu
PostMessageA
AdjustWindowRectEx
RegisterClipboardFormatA
IsDialogMessageA
DrawIcon
InsertMenuA
WinHelpA
RemovePropA
SetScrollInfo
IsChild
DestroyCursor
GetIconInfo
GetForegroundWindow

comctl32

ImageList_DragLeave
CreateToolbarEx
CreateStatusWindowA
ImageList_SetIconSize
ImageList_Write
ImageList_GetImageInfo
ImageList_GetIcon
PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_LoadImageA

advapi32

SetSecurityDescriptorDacl
RegEnumValueW
CryptGenRandom
RegCreateKeyExW
RegOpenKeyExW
LookupPrivilegeValueW
CryptAcquireContextA
OpenServiceW
RegCreateKeyExA

gdi32

EnumFontFamiliesW
GetStretchBltMode
GetBkColor
ExtTextOutA
StartDocA
AbortDoc
CreatePenIndirect
SetWinMetaFileBits
CopyEnhMetaFileA
SetEnhMetaFileBits
StrokePath
PolylineTo
Ellipse
PlayMetaFileRecord
CreateFontIndirectW
RemoveFontResourceA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

822ed8dbdd32b3ee4080310ac8b9b5f1

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

user32

comctl32

advapi32

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 61KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 61KB

.rsrc
Size: 8KB - Virtual size: 7KB