3ea356a06dc465d6c22f31e90ab129cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ea356a06dc465d6c22f31e90ab129cd_JaffaCakes118
Size

162KB
MD5

3ea356a06dc465d6c22f31e90ab129cd
SHA1

4c6db506bdb2caf0fc1624b35df313a945c08508
SHA256

e73242e349c7bb5031ce72c8fcb95e95988a3340353c8728df7d30c760b80b25
SHA512

924807e6d0ad10e8ddd1fccc790d0437c5c5dcaf938cb8b5731c8b03e5bcd8f87bb1430eef71fb66f5d80f6e6db4023b9520a4fad9604cdd2c2e4468b4b53ada
SSDEEP

3072:8dP7B/SEgORhR/pt03ZL+gr00WIsMNd64LsiGStr8QGd4x9O0:ucEJt0p6gr0DW64L/Fr8QAS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ea356a06dc465d6c22f31e90ab129cd_JaffaCakes118

Files

3ea356a06dc465d6c22f31e90ab129cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fa854588ae9285ae157fb79c20877f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
GetClassLongA
CharToOemA
DispatchMessageW
EnumChildWindows
GetDC
ShowWindow
GetClassInfoA
SetWindowLongA
FillRect
DefFrameProcA
EnumWindows
IsDialogMessageA
CreateMenu
DrawIcon
DrawTextA
GetKeyState
CharLowerBuffA
BeginDeferWindowPos
EnableScrollBar
GetClientRect
CharNextA
ClientToScreen
GetWindow
DrawIconEx
DeferWindowPos
RegisterClassA
SetWindowTextA
GetMenuStringA
GetMenuItemID
IsWindowEnabled
GetDlgItem
EnableWindow
SetWindowPos
SystemParametersInfoA
SetCursor
IsMenu
GetSubMenu
ShowScrollBar
FrameRect
GetLastActivePopup
GetIconInfo
IsChild
GetCursor
TrackPopupMenu
GetMessagePos
SetTimer
DispatchMessageA
EndDeferWindowPos
GetActiveWindow
DefWindowProcA
DrawEdge
GetCapture
HideCaret
CallNextHookEx
CreatePopupMenu
GetScrollRange
CallWindowProcA
GetWindowTextA
CheckMenuItem
CharLowerA
GetScrollInfo
GetSysColorBrush
BeginPaint
GetMenuItemInfoA
GetKeyNameTextA
GetPropA
GetScrollPos
GetDCEx

kernel32

lstrcpynA
GetLocaleInfoA
CloseHandle
CompareStringA
GetStringTypeW
DeleteFileA
ExitProcess
FindFirstFileA
lstrcmpA
LoadResource
MulDiv
GetModuleHandleA
HeapDestroy
GetCurrentThread
GlobalAlloc
MoveFileA
lstrcmpiA
HeapFree
VirtualAllocEx
GetCurrentProcessId
GetEnvironmentStrings
VirtualQuery
RaiseException
GetCurrentThreadId
FreeLibrary
GetDiskFreeSpaceA
GetFileType
GetCurrentProcess
SizeofResource
CreateThread
GetFullPathNameA
WriteFile
lstrlenA
GetTickCount
LocalFree
Sleep
GlobalFindAtomA
GetOEMCP
GetProcessHeap
SetEndOfFile
GetModuleFileNameA
WideCharToMultiByte
FormatMessageA
GetStartupInfoA
EnumCalendarInfoA
LocalAlloc
GetProcAddress
GetFileAttributesA
lstrcatA
DeleteCriticalSection
GetDateFormatA
FindClose
GetLastError
LoadLibraryA
InitializeCriticalSection
ExitThread
WaitForSingleObject
LocalReAlloc
LockResource
LoadLibraryExA
GlobalAddAtomA
CreateFileA
GetThreadLocale
FreeResource
GetSystemDefaultLangID
VirtualAlloc
GetUserDefaultLCID
GlobalDeleteAtom
HeapAlloc
lstrcpyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

_acmdln
memcpy
calloc
memmove
log

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fa854588ae9285ae157fb79c20877f5

Headers

File Characteristics

Imports

user32

kernel32

version

msvcrt

Sections

CODE Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 83KB

DATA Size: 117KB - Virtual size: 116KB

CODE
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 83KB

DATA
Size: 117KB - Virtual size: 116KB