39174c632f6690d0db72d3ef0a9b0fa3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39174c632f6690d0db72d3ef0a9b0fa3_JaffaCakes118
Size

732KB
MD5

39174c632f6690d0db72d3ef0a9b0fa3
SHA1

9f0b8c87a6b04ee9d589e500fcd2c1b0de463706
SHA256

e953f4fc27e6f2b37296a89112cea4d65ddfb35a17ffc6a2f287fad918ef5abf
SHA512

42a62c0af3385582c1c42c1d565feb0e8711cb90add8ff4f2bd727daaaa24b37b8da4f626fdbffd0caa8a1b52c7ee4c9c162592bb48b7a57e3487483881370a2
SSDEEP

12288:h8j+mwsm8/esQaJhLTGVFJ/P+j4qOcGzV0c/TZ3hVNJysQugb+USFc3K7LyTT:yCmDm8/lRhfwFdWsqO1/4st++USuoyv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39174c632f6690d0db72d3ef0a9b0fa3_JaffaCakes118

Files

39174c632f6690d0db72d3ef0a9b0fa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7b853e9e22ca16a7c8abee74c6947d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\gdgyco.pdb

Imports

kernel32

GetVersionExA
SetStdHandle
TlsSetValue
FoldStringA
WriteConsoleW
VirtualFree
GetLastError
HeapReAlloc
HeapAlloc
GetModuleHandleA
GlobalUnlock
MultiByteToWideChar
IsValidCodePage
IsValidLocale
InterlockedIncrement
ReadFile
GetConsoleCP
EnumResourceTypesA
VirtualAlloc
GetStringTypeExW
GetCommandLineA
HeapSize
GetDiskFreeSpaceExA
GetVolumeInformationW
GetNumberFormatW
GetACP
FlushFileBuffers
GetSystemTimeAsFileTime
GetUserDefaultLCID
FreeEnvironmentStringsW
TerminateProcess
CreateFileA
SetFilePointer
UnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
LCMapStringW
FreeLibrary
HeapDestroy
SystemTimeToFileTime
GetStartupInfoW
TlsFree
GetTickCount
GetLocaleInfoW
LoadLibraryA
HeapFree
GetStdHandle
SetConsoleCtrlHandler
GetDateFormatA
SetConsoleCursorInfo
CloseHandle
QueryPerformanceCounter
GetEnvironmentStrings
TlsGetValue
SetLastError
RtlUnwind
GetModuleFileNameW
TlsAlloc
LCMapStringA
CompareStringA
GetCurrentProcess
HeapCreate
ReadConsoleInputA
GetVolumeInformationA
CompareStringW
ExitProcess
GetStringTypeW
GetProcessHeap
GetStringTypeA
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetConsoleOutputCP
FreeEnvironmentStringsA
EnterCriticalSection
GetCommandLineW
IsDebuggerPresent
CreateMutexA
SetEnvironmentVariableA
VirtualQuery
GetCPInfo
IsBadReadPtr
GetConsoleMode
CommConfigDialogW
GetStartupInfoA
GetTimeFormatA
GetCurrentThread
GetModuleFileNameA
GetFileType
lstrlenW
OpenMutexA
GetEnvironmentStringsW
EnumSystemLocalesA
OutputDebugStringW
LeaveCriticalSection
WriteFile
GetLocaleInfoA
GetOEMCP
GetTimeZoneInformation
GetProcAddress
SetHandleCount
InterlockedDecrement
GetSystemTime
InterlockedExchange
OpenWaitableTimerA
WriteConsoleA
Sleep

shell32

DragQueryFileA
SHQueryRecycleBinA
ShellExecuteExA
InternalExtractIconListW
ExtractIconExA

comctl32

CreateToolbar
InitCommonControlsEx
ImageList_DragEnter

user32

DdeFreeStringHandle
DdeGetLastError
OemToCharBuffA
VkKeyScanW
EnumChildWindows
DlgDirListComboBoxW
RegisterDeviceNotificationA
CascadeWindows
CheckDlgButton
GrayStringW
RegisterClassA
WINNLSGetIMEHotkey
RegisterClassExA
GetScrollPos
UnregisterHotKey
GetDlgItem
SetParent
GetMenuStringA
MessageBoxExW
GetAsyncKeyState
DrawIconEx
InSendMessageEx
SetWindowContextHelpId
SetWindowsHookExA
ChangeDisplaySettingsExW

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7b853e9e22ca16a7c8abee74c6947d5

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

user32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 452KB - Virtual size: 448KB

.data Size: 144KB - Virtual size: 169KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 452KB - Virtual size: 448KB

.data
Size: 144KB - Virtual size: 169KB

.rsrc
Size: 28KB - Virtual size: 27KB