39814d6723e47eae86cbf76466ab5f16_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39814d6723e47eae86cbf76466ab5f16_JaffaCakes118
Size

345KB
MD5

39814d6723e47eae86cbf76466ab5f16
SHA1

5d9cb6799a4763d314075763df94fa5cad05efec
SHA256

086b3d8185ab3b4f749a7b10a587374fb8348281134aaba2847f6cdc5a657dcf
SHA512

d8e59cf2ccb08088a9a37411b852391da06496a536c3a7db3fcfb4cdf3aac15f45a4c472c58e91c58c615297a954c635260ce13d1ab8731f11355b3e79dbca4b
SSDEEP

6144:3/l1ry9Gfl6wf+XvnMBHD6DWpS7ltla1ULRLXKAeT7nWYhyokUWoY/tN/:PjrwGdaXwH1IDU6tLaAeXnNhy/kY1N/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39814d6723e47eae86cbf76466ab5f16_JaffaCakes118

Files

39814d6723e47eae86cbf76466ab5f16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0865bb302bd9a0e3b8fdb5a68dd0daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
OpenMutexW
FlushConsoleInputBuffer
CreateEventW
CreateMailslotW
RemoveDirectoryW
SignalObjectAndWait
ReadProcessMemory
GetFileAttributesA
GetDriveTypeA
GetSystemTime
DeleteFileA
DuplicateHandle
EnumDateFormatsA
CancelDeviceWakeupRequest
Sleep
SetLocalTime
SetConsoleCtrlHandler
lstrcmpiA
LocalFlags
FreeConsole
RemoveDirectoryA
GetProcessHeaps
GenerateConsoleCtrlEvent
VirtualAllocEx
GetVersionExA
GlobalGetAtomNameA
FileTimeToLocalFileTime
CreateIoCompletionPort
GetStartupInfoA
FindFirstChangeNotificationW
_lwrite
lstrlenA
SetTapePosition
CreateNamedPipeW
LCMapStringW
GetFullPathNameA
HeapWalk
LocalReAlloc
ReadConsoleOutputW
WriteConsoleInputA
GetCommandLineA
ScrollConsoleScreenBufferA
GetDiskFreeSpaceExA
OpenFileMappingW
SetConsoleMode
FileTimeToSystemTime
GlobalDeleteAtom
FlushInstructionCache
SetConsoleWindowInfo
WaitForDebugEvent
GetEnvironmentStrings
GetShortPathNameW
DeleteCriticalSection
SetMailslotInfo
CreateDirectoryExW
GetCalendarInfoW
GetWriteWatch
WriteProcessMemory
RequestWakeupLatency
ReadConsoleOutputAttribute
SetComputerNameW
GetFileAttributesW
TryEnterCriticalSection
GlobalAlloc
GetConsoleCursorInfo
GetPrivateProfileSectionNamesW
GetCommConfig
GetDiskFreeSpaceA
WritePrivateProfileStringA
LoadLibraryExA
GetDevicePowerState
LoadLibraryA
UpdateResourceW
LoadModule
GetPrivateProfileIntA
GetSystemDirectoryW
GetNumberFormatW

user32

ScreenToClient
WaitMessage
CharUpperBuffW
GetWindowThreadProcessId
CharUpperW
ShowScrollBar
IsDialogMessageA
RegisterWindowMessageW
BeginDeferWindowPos
SetClassWord
CallWindowProcA
DestroyWindow
ModifyMenuW
GetClipboardFormatNameA
DestroyAcceleratorTable
GetDlgItemTextA
SetSystemCursor
GetMenuDefaultItem
CallNextHookEx
CloseDesktop
TabbedTextOutA
AdjustWindowRect
CallMsgFilterA
GetDlgItem
ReplyMessage
GetLastActivePopup
SetMessageExtraInfo
ChangeDisplaySettingsW
AppendMenuW
LoadImageA
MapVirtualKeyW
MessageBoxIndirectA
SendMessageCallbackW
CreateDialogParamA
LoadCursorA
MsgWaitForMultipleObjectsEx
SetLastErrorEx
GetClipboardData
ReleaseDC
GetWindowWord
CreateWindowStationA
DrawIcon
CharToOemW
DrawMenuBar
OpenInputDesktop
GetMenuState
FindWindowW
MsgWaitForMultipleObjects
GetClassNameA
DestroyCursor
GetUpdateRect
GetTopWindow

gdi32

ExcludeClipRect
GetLogColorSpaceA
CreateMetaFileA
BeginPath
CloseEnhMetaFile
EndPage
LineTo
CreateDIBitmap
SetTextJustification
GetDIBColorTable
GetEnhMetaFileHeader
AnimatePalette
OffsetViewportOrgEx
GetClipRgn
SetTextColor
GdiSetBatchLimit
DeleteObject
GetEnhMetaFileA
GetFontLanguageInfo
SelectClipPath
GetAspectRatioFilterEx
SetROP2
SetWindowExtEx
DrawEscape
CreatePatternBrush
FixBrushOrgEx
SetPixel
CreateColorSpaceW
PolyTextOutW
ExtSelectClipRgn
CreateScalableFontResourceW
EnumFontFamiliesExA
GetTextCharsetInfo
GetMetaFileA
CreateBrushIndirect
SetDIBits
GetICMProfileA
CreateFontW
GetEnhMetaFileW
CreatePalette
SetICMProfileA
CheckColorsInGamut
GetTextMetricsA
CloseFigure
GetNearestPaletteIndex
PlayEnhMetaFile
GetKerningPairsW
GetSystemPaletteUse
GetBitmapBits
GetPath

advapi32

CryptEnumProvidersW
GetExplicitEntriesFromAclA
CryptDuplicateKey
GetCurrentHwProfileW
RegOpenKeyExW
RegCloseKey
SetEntriesInAclW
CryptContextAddRef
GetEffectiveRightsFromAclA
GetNamedSecurityInfoA
GetServiceDisplayNameW
RegQueryValueExA
CryptGenKey
CryptGetDefaultProviderW
OpenSCManagerA
GetSidSubAuthority
LookupAccountNameA
RegEnumKeyExA
CryptAcquireContextA
GetTrusteeNameA
OpenEventLogA
ReadEventLogA
DeleteAce
GetSecurityDescriptorSacl
BuildTrusteeWithNameW
BuildImpersonateTrusteeA
LockServiceDatabase
LogonUserW
CryptSignHashW
LookupSecurityDescriptorPartsW
InitializeAcl
BuildExplicitAccessWithNameW
AccessCheck
QueryServiceConfigA
RegEnumValueA
GetAce
GetServiceKeyNameA
RegQueryValueExW
ChangeServiceConfigW
GetFileSecurityW
GetEffectiveRightsFromAclW
AddAce

shell32

SHBrowseForFolderA
SHChangeNotify
CommandLineToArgvW
ExtractIconExA
SHAddToRecentDocs
SHEmptyRecycleBinA
SHGetDesktopFolder

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mmzxoymr
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zzvwtvkb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0865bb302bd9a0e3b8fdb5a68dd0daa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 7KB - Virtual size: 8KB

.data Size: 17KB - Virtual size: 20KB

mmzxoymr Size: 47KB - Virtual size: 48KB

zzvwtvkb Size: 4KB - Virtual size: 4KB

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 7KB - Virtual size: 8KB

.data
Size: 17KB - Virtual size: 20KB

mmzxoymr
Size: 47KB - Virtual size: 48KB

zzvwtvkb
Size: 4KB - Virtual size: 4KB