39c37865923f4ba4f75f84e275b9e452_JaffaCakes118

General

Target

39c37865923f4ba4f75f84e275b9e452_JaffaCakes118
Size

56KB
MD5

39c37865923f4ba4f75f84e275b9e452
SHA1

7496ed3affb2f3f648b325cd1a8679feb6d3b1ce
SHA256

97ed368b3622993f47fc1a1123a7edcd47bbcb3f629a5527189f56d9d159f178
SHA512

8253ecccd82b1ea99bbcd7d021e71ccba1aa0afde349be104b28d017644302e76093f4f50f309ce5d5f103adf6eff2d9339ddbbf11db1a118ee2ae111eee9794
SSDEEP

768:lXtU8UcaZJtrHggqddUImJ8MKDie+wsWt9OD98oXTWImf7Ecj3slCNxniGDk5OKr:HU83kJhATQWMeXsWtI67EcTJ5DkNHNz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c37865923f4ba4f75f84e275b9e452_JaffaCakes118

Files

39c37865923f4ba4f75f84e275b9e452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08e6ad9807d1e92f84cc8a9ed2d45c7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
VirtualAlloc
DeleteFileW
SetLastError
GetCurrentProcess
FindFirstChangeNotificationW
MulDiv
GetModuleFileNameW
FileTimeToSystemTime
MultiByteToWideChar
GetCurrentProcessId
LoadLibraryA
SuspendThread
FreeResource
FindResourceW
GetTickCount
LoadLibraryW
InterlockedIncrement
GlobalLock
GetLogicalDrives
FindNextChangeNotification
TerminateThread
DuplicateHandle
VirtualFree
CloseHandle
lstrcpyW
CreateEventW
SetThreadPriority
InterlockedDecrement
GetProcAddress

user32

SetLayeredWindowAttributes
DispatchMessageW
SetCursor
MessageBoxW
AppendMenuW
DefWindowProcW
SendDlgItemMessageW
wsprintfW
EnableWindow
RedrawWindow
TranslateMessage
SetDlgItemTextW
GetParent
ReleaseDC
SetCursorPos
GetKeyState
RegisterClassExW
SystemParametersInfoW
GetWindowRect

gdi32

SetTextColor
CreateRoundRectRgn
CreateCompatibleDC
BitBlt
DeleteObject
GetObjectW
GetClipBox
GetDeviceCaps
SetBkMode

advapi32

RegCloseKey
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegSetValueExW
RegCreateKeyExW

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08e6ad9807d1e92f84cc8a9ed2d45c7c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1004B

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1004B