3ea45a19f55b1646bf080e715cf3fb64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ea45a19f55b1646bf080e715cf3fb64_JaffaCakes118
Size

277KB
MD5

3ea45a19f55b1646bf080e715cf3fb64
SHA1

59fca996ea50142a85f75b719a0bab76185f2f4d
SHA256

dfb8849a14346b85170e2dfd3f804b41ba75860dda7b5f1a7d8dbe58ed98c1b3
SHA512

32822db5076b40151ea06dfb3a0d660b29e7143ebfada98fdc2aebcbed9e4d91e6786713f5b4a0ea8ff98309013ce77f10f70d72c59e5b5d11a432e711f1c025
SSDEEP

6144:narBw5q1NeAO23ZLzIi39dCXCu/V8qBEpfpTo1:arBCqWYOiNcXCu6Ppfi1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ea45a19f55b1646bf080e715cf3fb64_JaffaCakes118

Files

3ea45a19f55b1646bf080e715cf3fb64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

111d397fc87dcc9c58dd1fbec5ba5a3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
VirtualFree
FreeResource
SetCurrentDirectoryW
DuplicateHandle
GlobalLock
SuspendThread
SetEvent
FreeLibrary
InterlockedIncrement
GlobalAddAtomW
LoadLibraryW
GetUserDefaultLangID
SetThreadPriority
GetCurrentProcess
ExitProcess
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
FindNextChangeNotification
SetFilePointer
CancelWaitableTimer
GlobalAlloc
ReadFile
FindClose
WriteFile
CloseHandle
lstrcpyW
GetVersion
LockResource
WritePrivateProfileStringW
FindResourceW
GetCurrentThread
GetModuleHandleW
MulDiv
GlobalUnlock
CreateWaitableTimerW
WaitForSingleObject
LoadResource
GetSystemTime
GetLogicalDrives
CreateThread
GetCurrentProcessId
GetFileAttributesW
CreateEventW
SetEndOfFile
FileTimeToSystemTime
GlobalDeleteAtom

user32

PostMessageW
GetDlgItem
wsprintfW
LoadStringW
GetCursorPos
ReleaseCapture
RegisterHotKey
OffsetRect
DestroyMenu
IsWindow
GetWindowTextW
LoadImageW
DrawTextW
InvalidateRect
SetDlgItemTextW
PostQuitMessage
IsDlgButtonChecked
SetWindowTextW
CreatePopupMenu
VkKeyScanW
GetMessageW
GetSysColor
DispatchMessageW
LoadIconW
FillRect
SendMessageW
TrackPopupMenu
MessageBoxW
SendDlgItemMessageW
GetWindowRect
SetCapture
LoadCursorW
DefWindowProcW
DestroyIcon
ReleaseDC

gdi32

Rectangle
CreateDCW
CreateBitmap
DPtoLP
StretchBlt
CreateRoundRectRgn
GetMapMode
GetStockObject
GetClipBox
SetBkMode
CreateFontIndirectW
CreateICW
SetBkColor
GetDeviceCaps
MoveToEx
LineTo

advapi32

LookupPrivilegeValueW
RegCreateKeyExW
SetSecurityDescriptorDacl
RegSetValueExW
RegNotifyChangeKeyValue
RegDeleteValueW
StartServiceW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
InitializeSecurityDescriptor

ole32

CoInitializeEx
CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

111d397fc87dcc9c58dd1fbec5ba5a3d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 17KB