39b3ab90ca4130cb4fa871a32e249fc8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39b3ab90ca4130cb4fa871a32e249fc8_JaffaCakes118
Size

26KB
MD5

39b3ab90ca4130cb4fa871a32e249fc8
SHA1

4ac5b3cd66daa25638664e147ed4acd47ec3ac42
SHA256

9de04af9d40f16d1d316e37365a38a40e1e97ef4f183f4be645d04e4be38754d
SHA512

99b3c5e10a2c7924c7e4631b22fbbf02df62603698fc0bdc42e945edb10647668e54fce2dcd6ef06222312f257b4cd61bf1701f8d2232c6f3313f6d651e8cf40
SSDEEP

768:xc3K/Et0jMs5bzF/QJqV/K2tBRyH5JwDIr:8jt0jMsPQJmGHU2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39b3ab90ca4130cb4fa871a32e249fc8_JaffaCakes118

Files

39b3ab90ca4130cb4fa871a32e249fc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec856189259c335f0b7e7fd13e453c8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetColorSpace
GetRandomRgn
Escape
CreatePolyPolygonRgn
GetCurrentPositionEx
ChoosePixelFormat
GetKerningPairs
RoundRect
GetGlyphOutlineA
ExtTextOutW
SetSystemPaletteUse
GetPixelFormat
StartPage
GetBkMode
GetEnhMetaFileBits
SetBitmapDimensionEx

user32

DlgDirSelectExA
CreateIconIndirect
CreateAcceleratorTableW
CallWindowProcW
DdeInitializeA
DispatchMessageW
GetComboBoxInfo
CheckMenuRadioItem
DestroyWindow
CreateMenu
DdeAccessData
GetClientRect
AppendMenuA
DlgDirSelectComboBoxExW
GetClipboardFormatNameA
GetDlgCtrlID

kernel32

VirtualAlloc
GetStartupInfoW
FillConsoleOutputAttribute
FileTimeToDosDateTime
GlobalFindAtomA
GetCurrentProcessId
CancelIo
FindFirstFileExA
RtlUnwind
GetStringTypeExW
ExitProcess
GetUserDefaultLangID
ReadConsoleW
Module32Next
GetLogicalDriveStringsA
FindFirstFileW
VirtualFree
GetStringTypeW
SwitchToFiber
lstrlenA
CopyFileA
SetProcessAffinityMask
LeaveCriticalSection
GetCPInfo
SetCurrentDirectoryA
CloseConsoleHandle
SetLastError
EnumCalendarInfoW
SetConsoleTitleA
MoveFileW
LocalUnlock
Sleep
CmdBatNotification
Heap32ListFirst
OpenFile
lstrcmpiW
lstrcmpiA
BuildCommDCBAndTimeoutsW
UpdateResourceA
ScrollConsoleScreenBufferW
GetModuleHandleA
GetStartupInfoA
SetTimeZoneInformation
IsDBCSLeadByteEx

msvcrt

_heapadd
_ismbchira
_except_handler2
setbuf
fwrite
longjmp
vsprintf
_getdiskfree
_outpd
_mbbtombc
_getdrive
_ui64tow
sinh
vprintf
_pclose
_sys_nerr
_isatty
_wgetdcwd
acos
tmpnam
getwc
_ismbcdigit
_outpw
_tempnam
__p__wpgmptr
_adj_fdivr_m16i
_spawnl
__p__fileinfo
_spawnvp
_initterm
atof
memcmp

comdlg32

ChooseColorA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ltz
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wzahv
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wkrz
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec856189259c335f0b7e7fd13e453c8d

Headers

File Characteristics

Imports

gdi32

user32

kernel32

msvcrt

comdlg32

Sections

.text Size: 7KB - Virtual size: 7KB

.ltz Size: 5KB - Virtual size: 14KB

.wzahv Size: 5KB - Virtual size: 13KB

.wkrz Size: 7KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.ltz
Size: 5KB - Virtual size: 14KB

.wzahv
Size: 5KB - Virtual size: 13KB

.wkrz
Size: 7KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 1KB