3fb6e5d27137dbd7e6a29c2c26504a17_JaffaCakes118

General

Target

3fb6e5d27137dbd7e6a29c2c26504a17_JaffaCakes118
Size

25KB
MD5

3fb6e5d27137dbd7e6a29c2c26504a17
SHA1

f1036065037dbb4b8ad8d6c96e3dee659586323a
SHA256

11d7f0351922aa95238e9b52896bbb1083d890e20f014f0fed34360cb5ecd80e
SHA512

0e77cbd9ec4eb1f3f5ed71ddbcdc4095b88cc73718ca21ad916919f1bd299fa4b73358a95d1c4d58342820146577832a35856f4f68e4898d382621f54a921502
SSDEEP

384:saQBf+g2MQM2YUeXlfno4uwVMmaMllt4q5:sVBf+g2MnXXlfF5V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb6e5d27137dbd7e6a29c2c26504a17_JaffaCakes118

Files

3fb6e5d27137dbd7e6a29c2c26504a17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdfa614deca8ff0fd0c815c515975e53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\myproject\StartPage\SetStartPage\Release\SetStartPage.pdb

Imports

msvcrt

_cexit
strstr
??3@YAXPAX@Z
time
srand
exit
_c_exit
_acmdln
_exit
strcat
_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
toupper
memcpy
sprintf
_snprintf
printf
atol
strcpy
strlen
memset
_itoa

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA

netapi32

Netbios

kernel32

OutputDebugStringA
lstrlenA
GetCurrentProcessId
GetLastError
GetTickCount
GetStartupInfoA
CreateEventA
SleepEx

user32

SendMessageA
InvalidateRgn
GetFocus
DrawFocusRect
GetDC
GetSystemMetrics
SetWindowPos
SetWindowLongA
ReleaseDC
LoadCursorA
SetCursor
GetDlgCtrlID
CallWindowProcA
SetWindowTextA
GetDlgItem
LoadIconA
DialogBoxParamA
EndDialog

gdi32

SelectObject
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
ExtTextOutA
DeleteObject
SetTextColor
SetBkMode

shell32

ShellExecuteA

shlwapi

SHGetValueA
SHSetValueA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdfa614deca8ff0fd0c815c515975e53

Headers

File Characteristics

PDB Paths

Imports

msvcrt

wininet

netapi32

kernel32

user32

gdi32

shell32

shlwapi

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 12KB