3cc03d7e936c474a227b39fee931e623_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3cc03d7e936c474a227b39fee931e623_JaffaCakes118
Size

29KB
MD5

3cc03d7e936c474a227b39fee931e623
SHA1

fb6335e705a66f2417c7f9769ce0a447b3b33a05
SHA256

2a5343ce119f1421185cb88cccc1115318af27e78f5246a53ee2535213f612fb
SHA512

ab9508d524dcdfc533d0610d18004e87b26a0aa189d45bf7e472cefe88cd4042f4f6c3a490fc88a965b1ca86a9ce50c9f5bea60ca8bd77ba583ca020d7de4171
SSDEEP

384:mM7MKfxxLuRiwB9yBL8Fp5egd8DJwamlRBgYiKu+5z5xvhrhJoN3y:m4uRiwB94oD18DJ8O+5z5jhJoN3y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cc03d7e936c474a227b39fee931e623_JaffaCakes118

Files

3cc03d7e936c474a227b39fee931e623_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df47fdf0301a249785e20be16b2cb66b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GlobalAlloc
GlobalFree
CopyFileA
lstrcpyA
lstrcatA
CloseHandle
GetCommandLineA
WinExec
GetVersion
VirtualFree
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
GetModuleHandleA
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcmpiA
ExitProcess
GetStartupInfoA

user32

TranslateMessage
DispatchMessageA
LoadCursorA
IsDialogMessageA
GetMessageA
CreateWindowExA
RegisterClassA
SetCursor
CreatePopupMenu
AppendMenuA
GetCursorPos
TrackPopupMenu
DestroyMenu
CreateDialogParamA
GetWindowTextA
EndDialog
DestroyIcon
DefWindowProcA
GetDlgItem
KillTimer
SetWindowTextA
SendMessageA
SetTimer
UpdateWindow
ShowWindow
DialogBoxParamA
wsprintfA
MessageBoxA
PostQuitMessage
LoadImageA
RegisterClassExA
LoadIconA

gdi32

CreateSolidBrush
SetBkColor

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ExtractIconA
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA

rasapi32

RasSetEntryPropertiesA
RasHangUpA
RasGetConnectStatusA
RasEnumDevicesA
RasEnumConnectionsA
RasValidateEntryNameA
RasDeleteEntryA
RasDialA

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df47fdf0301a249785e20be16b2cb66b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

rasapi32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 12KB - Virtual size: 8KB