3d4022fbfef682d40fecebc16b136a28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d4022fbfef682d40fecebc16b136a28_JaffaCakes118
Size

862KB
MD5

3d4022fbfef682d40fecebc16b136a28
SHA1

2f28e82024d7ce5dc171e14f1ffac1dd5f3d9d26
SHA256

7d0a56bb2027807448e26e21fd3c4e2da27e04fcb9025ce86ece91f67bd29aef
SHA512

c3c80fafd4d14e4d5ad0558da7e6d68342956357fb584402d2fa28cca4580334a01e8386c7205509e117dcf1e5c11806981a655f269df5847456cfb77f3ae714
SSDEEP

12288:z6dVlKxTNFn436eBjKU+HEdhxwKYNv3/hLxBZnj7iJ0G4WJbv5ZaZb:6Kx5SLUPHETCKYRNxz7y0DKDaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d4022fbfef682d40fecebc16b136a28_JaffaCakes118

Files

3d4022fbfef682d40fecebc16b136a28_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b1ec137a84493e25dc87c30f0c322e42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GlobalDeleteAtom
OutputDebugStringW
QueryPerformanceCounter
IsBadCodePtr
FindNextFileA
DeviceIoControl
GetPrivateProfileStringW
GetVersionExA
VirtualFree
CreateEventA
lstrcpyW
OpenEventW
FlushFileBuffers
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetConsoleOutputCP
LoadResource
SizeofResource
GetEnvironmentStrings
UnlockFile
VirtualAlloc
GetWindowsDirectoryA
GetFullPathNameA
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
GetTempPathA
ExitProcess
DeleteFileA
LoadLibraryA
GetThreadLocale
GetModuleFileNameW
WaitForSingleObject
EnumSystemLocalesA
GetComputerNameW
WritePrivateProfileStringA
OutputDebugStringA
SearchPathW
GetCurrentProcessId
GetUserDefaultLCID

user32

RemoveMenu
EndPaint
RegisterWindowMessageW
InvalidateRect
GetForegroundWindow
EqualRect
SetWindowsHookExW
KillTimer
CreateWindowExW
CheckRadioButton
OpenClipboard
GetActiveWindow
PostMessageA
PtInRect
LoadIconA
ReleaseCapture
DefWindowProcW
IsWindow
EnumWindows
CopyRect
SystemParametersInfoW
SetCapture
IsWindowEnabled
SetWindowLongW
SetDlgItemTextW
GetWindowThreadProcessId
DispatchMessageW
GetPropA
CheckMenuItem
GetWindow
LoadCursorA
GetScrollPos

msvcrt

_exit
wcstol
_controlfp
fflush
__p__fmode
?what@exception@@UBEPBDXZ
_wtoi
_wtol
??3@YAXPAX@Z
malloc
exit
__p__commode
_amsg_exit
calloc
__getmainargs
__set_app_type
_CxxThrowException

Sections

.text
Size: 302KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data/0x
Size: 191KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1ec137a84493e25dc87c30f0c322e42

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 302KB - Virtual size: 302KB

.rdata Size: 1024B - Virtual size: 1024B

.data/0x Size: 191KB - Virtual size: 2.0MB

.rsrc Size: 365KB - Virtual size: 365KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 302KB - Virtual size: 302KB

.rdata
Size: 1024B - Virtual size: 1024B

.data/0x
Size: 191KB - Virtual size: 2.0MB

.rsrc
Size: 365KB - Virtual size: 365KB

.reloc
Size: 1KB - Virtual size: 1KB