3cb94194d667b2e691be971f7c5cd79e_JaffaCakes118

General

Target

3cb94194d667b2e691be971f7c5cd79e_JaffaCakes118
Size

418KB
MD5

3cb94194d667b2e691be971f7c5cd79e
SHA1

f101e5e5147acc228af6a98110b3aec5deaf7151
SHA256

db7d7ac2143495c4fde968baf71d788add369620a43ea517c83985a232182be6
SHA512

aceb3e594030c6d1da7a87f5b7bd3a6584e7f41eac74b558beb815a718d2528b5b6fe4e8eb659a3bfba35fe85545196ae492744e708c0f8cd962749203bbfcc3
SSDEEP

12288:wQbj38ScsCP+QXw+qD+2vZ50ytkqsqP6QiXEGcQNCSkifY:FdgP+QXw+KJB3LfiUGr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb94194d667b2e691be971f7c5cd79e_JaffaCakes118

Files

3cb94194d667b2e691be971f7c5cd79e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c598cf867544e0cc2641f9796c9da2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
BroadcastSystemMessageA
GetWindowRgn
DefFrameProcW
GetWindowLongW
GetKeyboardType
GetKeyboardLayoutNameW
DefMDIChildProcA
DispatchMessageW
WinHelpA
CharPrevW
SetUserObjectSecurity
OemToCharA
SetClipboardData
SetWindowLongW
GetShellWindow
DrawAnimatedRects
EnumDisplayDevicesA
DefMDIChildProcW
SetScrollRange
FindWindowExA
CreateDialogIndirectParamA
SetCursor
ExitWindowsEx
CreateAcceleratorTableA

kernel32

GetSystemDefaultLCID
WriteTapemark
BeginUpdateResourceA
GetVolumeInformationW
CreateEventA
ConvertDefaultLocale
CreateEventW
GetThreadPriority
WriteProcessMemory
WritePrivateProfileSectionA
GetStringTypeExW
IsValidCodePage
LocalSize
OpenMutexA
GetProfileStringA
WritePrivateProfileStructA
GetProfileStringW
GlobalGetAtomNameW
GetProcessVersion
FindAtomA
TlsFree
GetModuleHandleW
GetExitCodeProcess
CancelIo
WaitCommEvent
SetProcessAffinityMask
GetCommandLineA
CreateFiber
SetConsoleCursorPosition
DebugBreak
GetQueuedCompletionStatus
GetTapePosition
GetTapeParameters
ScrollConsoleScreenBufferA
GetDiskFreeSpaceExA
GetFileAttributesExW
QueryDosDeviceA
CreateMutexA
GetPrivateProfileIntW
CreateDirectoryExA
SetPriorityClass
WinExec
GetConsoleCP
CreateFileW
SetVolumeLabelW
SetProcessWorkingSetSize
SwitchToThread

Sections

.text
Size: 37KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c598cf867544e0cc2641f9796c9da2c

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 37KB - Virtual size: 347KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 366KB - Virtual size: 365KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 37KB - Virtual size: 347KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 366KB - Virtual size: 365KB

.rsrc
Size: 10KB - Virtual size: 9KB