3f160f418e0b5a446afae6018d34d322_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f160f418e0b5a446afae6018d34d322_JaffaCakes118
Size

100KB
MD5

3f160f418e0b5a446afae6018d34d322
SHA1

bf73e404b575d6db46e20a6f0543920950f39dc3
SHA256

4a85103f58206205c114d0f420a8f2d16d9ec445c4702de24dd7653221de84d8
SHA512

c9e6b49fe0b8b0ecd31908e3bca4730ae92cca620d77d62e3839971451a0d794c0be47a357a10a4675960d28296c716f8a317f642f17a808b0c908b37677f83d
SSDEEP

3072:z+WVm9BghMTsijhkf2vUROxK+IGUEFCG:z+Gm9uhksij6mxK+dd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f160f418e0b5a446afae6018d34d322_JaffaCakes118

Files

3f160f418e0b5a446afae6018d34d322_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f203de8d83ac6c996d33a900e6faf24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
SetFilePointer
GetCurrentProcessId
CreateEventW
GlobalUnlock
EnterCriticalSection
DeleteFileW
GlobalHandle
PostQueuedCompletionStatus
SetEvent
GetProcessHeap
HeapFree
WaitForMultipleObjects
ReadFile
VirtualFree
GetFullPathNameW
MulDiv
SetThreadPriority
SetEndOfFile
GetSystemDefaultLangID
GlobalFree
MultiByteToWideChar
IsBadReadPtr
lstrcmpiW
GlobalLock
CreateThread
InterlockedIncrement
QueryPerformanceCounter
FreeLibrary
lstrcpynW
GetTickCount
GlobalAlloc
InterlockedExchange
lstrcmpW
GetDiskFreeSpaceW
WideCharToMultiByte
InitializeCriticalSection
IsBadHugeReadPtr
CreateIoCompletionPort
GetFileSize
GetLastError
GetModuleFileNameA
GetSystemInfo
GetCurrentProcess
CreateFileW
GlobalMemoryStatus
GetThreadPriority
DeleteCriticalSection
InterlockedDecrement
GetStartupInfoA
IsBadWritePtr
GetProfileIntA
GetSystemTimeAsFileTime
lstrcpyW
GetPrivateProfileStringW
LeaveCriticalSection
GetEnvironmentStringsW
WriteFile
GetVersionExW
ResetEvent
WaitForSingleObject
lstrlenW
lstrlenA
HeapAlloc
GetQueuedCompletionStatus
ReleaseSemaphore
IsBadCodePtr
GetFileAttributesW
SetUnhandledExceptionFilter
CreateSemaphoreW
CloseHandle
lstrcpyA
LoadLibraryW

winmm

waveInStart
OpenDriver
waveInGetDevCapsW
SendDriverMessage
waveInClose
waveInStop
mixerGetLineInfoW
CloseDriver
waveInAddBuffer
waveInOpen
mixerGetID
mixerGetControlDetailsW
waveInUnprepareHeader
mixerGetLineControlsW
waveInReset
mixerOpen
mixerClose
mixerSetControlDetails
waveInPrepareHeader

user32

ShowWindow
TranslateMessage
CreateDialogParamW
SendMessageW
GetAsyncKeyState
CheckDlgButton
DestroyWindow
wsprintfW
EnableWindow
GetDC
GetDlgItemInt
GetDesktopWindow
IsRectEmpty
GetWindowRect
DefWindowProcW
IsWindowVisible
SetDlgItemTextW
LoadCursorW
DispatchMessageW
ReleaseDC
LoadStringW
InvalidateRect
CheckRadioButton
SetCursor
GetClientRect
SetWindowLongW
SetDlgItemInt
MoveWindow
ClientToScreen
GetDlgItem
GetWindowLongW
IsWindow
PeekMessageW

msvcrt

_purecall
wcslen
??2@YAPAXI@Z
??3@YAXPAX@Z
_ftol
_except_handler3

msvfw32

ICLocate
ICDecompress
ICGetInfo
ICOpen
ICClose
ICCompress
ICSendMessage

advapi32

RegOpenKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegEnumKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdi32

GetPaletteEntries
GetObjectW
SelectObject
PatBlt
GetStockObject
GetTextExtentPoint32W

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f203de8d83ac6c996d33a900e6faf24

Headers

File Characteristics

Imports

kernel32

winmm

user32

msvcrt

msvfw32

advapi32

version

gdi32

ole32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 80KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 80KB

.rsrc
Size: 23KB - Virtual size: 23KB