f3d8f2cf1d8faf3bf57fa4fb53f28140_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f3d8f2cf1d8faf3bf57fa4fb53f28140_JaffaCakes118
Size

228KB
MD5

f3d8f2cf1d8faf3bf57fa4fb53f28140
SHA1

00490312cd86766657bb413e66deb81144ed3a96
SHA256

b53e33675de30f4bf86518bc21c104bc88ee97025b3a47d8c697b0539e50cd34
SHA512

c14c5149fd7daaf0987a829bd3157e5ad5e70c746fa67347393cbb0bc92e74ddcfba1ed435edaa01b4bc54ccdac84338ab46d34ceb551401026b6254ebb79b50
SSDEEP

3072:hC0fyjm4tt4JVJrwfv1hdjZhsfYy3tXwpY1GMOJd4t1p+srU3qH4VdW2Ujuy/zSz:FydttkVJrqxLAwVMO+v+sSEdK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3d8f2cf1d8faf3bf57fa4fb53f28140_JaffaCakes118

Files

f3d8f2cf1d8faf3bf57fa4fb53f28140_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afc9ccdd5122984d9cd59ac3b645dc28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgW
CommDlgExtendedError
GetSaveFileNameA
PrintDlgA
FindTextW
ChooseColorA
GetFileTitleA

gdi32

CopyMetaFileA
GetCharWidthFloatA
GetTextExtentPointA
PtInRegion
EnumFontFamiliesA
GetStretchBltMode
ScaleViewportExtEx
CreateFontW
CreateScalableFontResourceA
GetCurrentPositionEx
SetEnhMetaFileBits
CreatePalette
SetTextAlign
CreateBrushIndirect
AddFontResourceW
SetDIBitsToDevice
SetMetaRgn
SetWinMetaFileBits

advapi32

GetOldestEventLogRecord
RegisterServiceCtrlHandlerW
RegCreateKeyExW
RegQueryValueW

ole32

ReadClassStm
HACCEL_UserFree
WriteFmtUserTypeStg
HACCEL_UserUnmarshal
STGMEDIUM_UserFree
OleDestroyMenuDescriptor
CoGetInterfaceAndReleaseStream
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
OleUninitialize
OleRegGetMiscStatus
OleSetContainedObject
OleLockRunning
CoCreateFreeThreadedMarshaler
OleCreateLink

msvcrt

_except_handler3
_controlfp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

user32

ExitWindowsEx

mpr

WNetAddConnection2W
WNetGetNetworkInformationA
WNetAddConnection2A
MultinetGetConnectionPerformanceA
WNetConnectionDialog1A
WNetGetUserW
WNetOpenEnumA
WNetConnectionDialog
WNetGetUserA

shell32

SHBrowseForFolderA
SHQueryRecycleBinW
FindExecutableW

comctl32

InitializeFlatSB
ord5
PropertySheetW
ImageList_DragEnter

kernel32

SuspendThread
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afc9ccdd5122984d9cd59ac3b645dc28

Headers

File Characteristics

Imports

comdlg32

gdi32

advapi32

ole32

msvcrt

user32

mpr

shell32

comctl32

kernel32

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 183KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 183KB

.rsrc
Size: 28KB - Virtual size: 24KB