39a152954fb120ab3bd9f7fd88496738_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39a152954fb120ab3bd9f7fd88496738_JaffaCakes118
Size

528KB
MD5

39a152954fb120ab3bd9f7fd88496738
SHA1

06e31755033a16e8cbf6211073556030f4ce1bfd
SHA256

a2de7683274418f2a23fbb4d9187ad820fde17488e998fa7070cc364102a7df1
SHA512

95f458c7f1da8637ec184c6d3cf898ea9e2724d89ee8f91fc2594ce5e20a042b629b682b8ff3b14150c15491cadf1685ad1cffd76927391400b05ad7cb672e3f
SSDEEP

12288:M63wzB3KyFqieFPJMlRbSu/1mgf99dcRUJ3z/XRDSEI4dKST+teZZS/unWGN/FWi:LEnFheP2bzd3NcRU5HFWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39a152954fb120ab3bd9f7fd88496738_JaffaCakes118

Files

39a152954fb120ab3bd9f7fd88496738_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fdd7ee1d3d5ebdbfd373082241d8e58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\civmgaaess\sqez\cyb

Imports

user32

CloseClipboard
DdeQueryStringW
ChangeMenuA
CreateDesktopA
RegisterClassA
RemovePropA
MessageBoxA
CallNextHookEx
DragObject
GetLastActivePopup
TileWindows
RegisterClassExA
GetPropW
IsMenu
DdeGetLastError
GetDlgItemTextW
DdeImpersonateClient
ShowWindow
CreateWindowExA
LoadBitmapW
OemToCharBuffW
DefWindowProcW
RegisterDeviceNotificationW
GetDC
DdeQueryConvInfo
SendDlgItemMessageA
DestroyWindow
CascadeWindows
DdeQueryNextServer
EndDeferWindowPos
CountClipboardFormats
AttachThreadInput
OpenWindowStationW
IntersectRect
DdeAccessData
ChildWindowFromPoint
MessageBeep
GetSystemMenu
LoadMenuW

comctl32

DrawStatusText
ImageList_BeginDrag
InitCommonControlsEx

kernel32

GetACP
HeapReAlloc
FreeEnvironmentStringsW
GetStringTypeA
MultiByteToWideChar
GetLocaleInfoA
CreateFileA
SetEnvironmentVariableA
RtlUnwind
TerminateProcess
GlobalLock
GetComputerNameW
ReadFile
GetStringTypeW
QueryPerformanceCounter
VirtualAlloc
TlsFree
SetFilePointer
GetModuleFileNameA
GetCurrentThreadId
InterlockedExchange
SetLastError
GetTimeFormatA
IsValidLocale
WideCharToMultiByte
ExitProcess
GetModuleHandleW
GetStartupInfoA
Sleep
InterlockedIncrement
GetPrivateProfileStructA
CompareStringA
GetUserDefaultLCID
GetOEMCP
WriteConsoleW
GetCurrentProcess
GetCommandLineA
GetModuleHandleA
GetFileType
FindFirstFileA
LCMapStringW
GetCPInfo
lstrcatA
GetConsoleOutputCP
GetEnvironmentStringsW
CreateMutexA
OpenMutexA
VirtualQuery
GetCommandLineW
WriteProfileSectionA
HeapCreate
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
GetCurrentThread
HeapDestroy
CompareStringW
GetConsoleCP
UnhandledExceptionFilter
CloseHandle
DuplicateHandle
WriteFile
GetDateFormatA
HeapSize
TlsSetValue
InterlockedDecrement
GetSystemTimeAsFileTime
WriteConsoleA
EnumSystemLocalesA
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
TlsGetValue
HeapFree
LeaveCriticalSection
GetModuleFileNameW
LCMapStringA
GetCurrentProcessId
IsDebuggerPresent
GetLocaleInfoW
SetHandleCount
IsValidCodePage
GetStartupInfoW
HeapAlloc
FreeEnvironmentStringsA
SetStdHandle
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryA
EnterCriticalSection
GetTickCount
DeleteCriticalSection
VirtualFree
TlsAlloc
GetProcAddress
GetLastError
FlushFileBuffers

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fdd7ee1d3d5ebdbfd373082241d8e58

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 104KB - Virtual size: 113KB

.rsrc Size: 64KB - Virtual size: 62KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 104KB - Virtual size: 113KB

.rsrc
Size: 64KB - Virtual size: 62KB