39435f61ef013565aad9a43d317068b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39435f61ef013565aad9a43d317068b3_JaffaCakes118
Size

496KB
MD5

39435f61ef013565aad9a43d317068b3
SHA1

55481c7bb05cf1a936c4ed7ce32fb1199be161c4
SHA256

112ebad4986e47bd77eaf483b59cd094296e9e7c3393eebdbac5e29d55c4c5cd
SHA512

5e9aebc736afef32b60aefd9082d34df907ab581007254c64bc7c818494c29bbace45df4440ef3c977030867e8e06adfebdd39a1668223d8e55510417b6e33d1
SSDEEP

12288:mtOPL/hgQF/fTFNHsbGiz44dlUlxT/a9/kv0uCgw:mtu7hgQZf244dl0T/8kv0fg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39435f61ef013565aad9a43d317068b3_JaffaCakes118

Files

39435f61ef013565aad9a43d317068b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6a8205fcf5cae2efc8fade3b31215e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\oaiw

Imports

gdi32

SetBrushOrgEx
CreateScalableFontResourceA
CreateBitmapIndirect
GetOutlineTextMetricsW
GetCharWidth32A
ColorMatchToTarget
GetTextCharset
SetWorldTransform
UnrealizeObject
PolyTextOutA
ResetDCW
GetCharacterPlacementW
ExtSelectClipRgn
GetSystemPaletteUse
ExcludeClipRect
CreateSolidBrush

comctl32

CreateToolbarEx
InitCommonControlsEx
ImageList_Replace
ImageList_Create
CreateStatusWindowW
ImageList_DragEnter
ImageList_GetBkColor
DestroyPropertySheetPage
CreatePropertySheetPage
ImageList_SetBkColor
ImageList_SetFlags
ImageList_GetImageCount
DrawInsert
ImageList_SetDragCursorImage
ImageList_GetDragImage
ImageList_DragLeave

comdlg32

GetOpenFileNameA
FindTextW
ReplaceTextA

user32

DlgDirSelectComboBoxExA
GetIconInfo
GrayStringW
IsWindowVisible
CallMsgFilterA
DefFrameProcA
IsZoomed
SetDebugErrorLevel
RegisterClassExA
OpenWindowStationW
CloseWindowStation
DragDetect
LoadImageW
GetKeyboardLayoutList
MessageBoxW
DefDlgProcA
DestroyWindow
DdeReconnect
GetMenu
CreateWindowExA
RegisterClassA
CreateCaret
FlashWindow
ShowWindow
AttachThreadInput
DlgDirListComboBoxW
IsCharAlphaNumericA
DdeFreeStringHandle
DdeQueryNextServer
DefWindowProcW
DeleteMenu
RealChildWindowFromPoint

kernel32

CreateFileA
GetConsoleCP
SetStdHandle
GetConsoleMode
InterlockedExchange
ExitProcess
GetThreadPriority
GetCPInfo
LCMapStringW
SetSystemTime
WriteConsoleA
GetWindowsDirectoryA
GetConsoleOutputCP
HeapAlloc
GlobalFree
GetCommandLineW
GetStdHandle
Sleep
lstrcmpiW
WriteFile
CreateMutexW
GetEnvironmentStringsW
TerminateProcess
GetOEMCP
SetCriticalSectionSpinCount
WideCharToMultiByte
OpenMutexA
GetModuleFileNameA
OpenSemaphoreA
HeapReAlloc
GetLocaleInfoW
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
RtlUnwind
CreateMutexA
SetHandleCount
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleA
GetProcessShutdownParameters
LoadLibraryA
GlobalUnfix
GetCurrentProcessId
TlsFree
VirtualQuery
ReadConsoleW
GetWindowsDirectoryW
GetFileType
VirtualFree
GetProcAddress
CloseHandle
WriteConsoleW
GetDateFormatA
GetCurrentThreadId
GetModuleFileNameW
GetCurrentThread
GetUserDefaultLCID
VirtualFreeEx
GetTickCount
FreeEnvironmentStringsA
SetFilePointer
TlsSetValue
GetThreadLocale
LCMapStringA
CreateDirectoryExW
GetStartupInfoA
InterlockedDecrement
GlobalCompact
GetTimeFormatA
FreeLibrary
QueryPerformanceCounter
SetConsoleCtrlHandler
GetPrivateProfileStructA
GetTimeZoneInformation
GetStringTypeW
SetLastError
GetEnvironmentVariableW
TlsGetValue
IsValidLocale
SetConsoleCursorInfo
HeapFree
ReadFile
InterlockedIncrement
IsDebuggerPresent
FlushFileBuffers
GetStringTypeA
GetLocaleInfoA
TlsAlloc
SetConsoleCursorPosition
LeaveCriticalSection
SetEnvironmentVariableA
EnterCriticalSection
CreateNamedPipeW
GetACP
LoadLibraryW
UnhandledExceptionFilter
VirtualAlloc
EnumSystemLocalesA
LocalFlags
HeapSize
IsValidCodePage
DeleteCriticalSection
GetProcessHeap
WaitCommEvent
HeapCreate
FoldStringA
GetCurrentProcess
MultiByteToWideChar
GetEnvironmentStrings
CompareStringA
InitializeCriticalSection
CompareStringW
WriteProfileStringA
lstrcmpi
HeapDestroy
GetLastError
SetFileAttributesA
LocalCompact
GetVersionExA
GetCommandLineA

shell32

SHBrowseForFolderA

wininet

GetUrlCacheGroupAttributeW
ReadUrlCacheEntryStream
HttpOpenRequestA
InternetGetCookieA

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6a8205fcf5cae2efc8fade3b31215e3

Headers

File Characteristics

PDB Paths

Imports

gdi32

comctl32

comdlg32

user32

kernel32

shell32

wininet

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 108KB - Virtual size: 124KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 108KB - Virtual size: 124KB

.rsrc
Size: 24KB - Virtual size: 22KB