d348b9f1678e7f83917bdd9ec0169a20_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d348b9f1678e7f83917bdd9ec0169a20_JaffaCakes118
Size

164KB
MD5

d348b9f1678e7f83917bdd9ec0169a20
SHA1

e4278f96944742fe9773f02f058c1e1c73272ed1
SHA256

e8d285520e2a3a6d04e73e5a4a63922b1084b9b05684518e3876c39cbfb3dfb7
SHA512

52fbee95ba7a823b4eacc80ca81f3eadb4dd9391bfee2c64dda1e19005943c33c1d078ecaaefc20387ec56485ce132c63bafe2971a1aab67a042330ec6870515
SSDEEP

3072:fE/D6PZF2Z1rumCw0HYAbeQBpkI2dfZEQAIpg3bPfFyB8I48iLMM:fSwPu5P0HYA1/kIMDa37tRAiLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d348b9f1678e7f83917bdd9ec0169a20_JaffaCakes118

Files

d348b9f1678e7f83917bdd9ec0169a20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a325e8526b22f385818c5a0f853b31d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioSeek
mmioClose
mmioWrite
mmioRead
mmioOpenW

kernel32

ResetEvent
EnterCriticalSection
GlobalFree
lstrcmpW
lstrlenA
DeleteCriticalSection
GetACP
GetSystemTimeAsFileTime
lstrcpyW
GlobalSize
GlobalReAlloc
MultiByteToWideChar
GetCurrentProcessId
LeaveCriticalSection
ReadFile
GetTickCount
WriteFile
lstrcpyA
lstrcatA
GetOverlappedResult
InitializeCriticalSection
GetLastError
lstrcpynW
GetFullPathNameW
LocalAlloc
GlobalAlloc
CreateFileW
GetFileSize
SetUnhandledExceptionFilter
GlobalUnlock
GetModuleHandleA
WideCharToMultiByte
SetErrorMode
MulDiv
QueryPerformanceCounter
LoadLibraryW
LocalFree
IsBadReadPtr
CloseHandle
GetDiskFreeSpaceW

msacm32

acmStreamConvert
acmFormatDetailsW
acmFormatSuggest
acmFormatTagDetailsW
acmStreamClose
acmStreamOpen
acmStreamUnprepareHeader
acmFormatChooseW
acmStreamPrepareHeader
acmMetrics
acmGetVersion
acmStreamSize

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
memmove
_purecall
_ftol
__getmainargs
malloc
free
__p__commode
_adjust_fdiv
mbstowcs
atoi
__set_app_type
exit
_initterm
_vsnwprintf

user32

MessageBoxW
PeekMessageW
DialogBoxParamW
LoadStringW
IsRectEmpty
SendMessageW
EndDialog
GetDC
SetRect
EnableWindow
SetDlgItemInt
MessageBeep
TranslateMessage
ReleaseDC
SetDlgItemTextW
wsprintfW
CheckDlgButton
GetDlgItem
SendDlgItemMessageW
CharPrevW
DestroyWindow
IsDlgButtonChecked
SetRectEmpty

ole32

OleGetClipboard
CoMarshalInterface
OleUninitialize
CoCreateInstance
CoUnmarshalInterface
CoGetMarshalSizeMax
CoGetMalloc
OleSetClipboard
OleInitialize
OleFlushClipboard
CreateStreamOnHGlobal
ReleaseStgMedium

msvfw32

ICGetDisplayFormat
ICSendMessage
ICDecompress
ICCompressorChoose
ICClose
ICCompress
ICOpen
ICGetInfo
ICCompressorFree

advapi32

RegEnumKeyW
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegOpenKeyW
RegQueryValueW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a325e8526b22f385818c5a0f853b31d

Headers

File Characteristics

Imports

winmm

kernel32

msacm32

msvcrt

user32

ole32

msvfw32

advapi32

Sections

.text Size: 100KB - Virtual size: 99KB

.idata Size: 40KB - Virtual size: 39KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 100KB - Virtual size: 99KB

.idata
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 23KB - Virtual size: 23KB