39f27ab091b364a89e6a4b03cc4444c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39f27ab091b364a89e6a4b03cc4444c7_JaffaCakes118
Size

500KB
MD5

39f27ab091b364a89e6a4b03cc4444c7
SHA1

0c43c53b1d7887744d128e991b6f138e0ca990a3
SHA256

fa203eae2202aa5a381d13edf88a8ece7871ba456414a84a6f56afed5a8eecfe
SHA512

3a7baa31305ef8bc0027bf79f34850d5dbe590269cc2b5df5a605f14ff1cff7bb6fdd23ddcf81095052726128581e9dcf2a7ab61fa8353a9fe6e71b0ff371a81
SSDEEP

12288:L285LoNSpvQDRu0YvDZJ7P/+BESZCxVsOa+1SGHWyI1t:L2OOEsR3Yvn6BV+Vx1SG2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f27ab091b364a89e6a4b03cc4444c7_JaffaCakes118

Files

39f27ab091b364a89e6a4b03cc4444c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddccea33190c13a789417ef5036690f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\iverf.pdb

Imports

user32

BeginDeferWindowPos
CreateWindowExA
RegisterClassExA
ScrollWindowEx
UnhookWindowsHookEx
RegisterClassA
MessageBoxA
InvalidateRgn
GetUserObjectInformationA
DdeGetData
FreeDDElParam
ShowWindow
GetWindow

kernel32

SetConsoleCtrlHandler
GetACP
LCMapStringA
GetTickCount
SetLastError
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetCommandLineA
TerminateProcess
OpenFileMappingA
FreeEnvironmentStringsA
WriteFile
GetEnvironmentStrings
FlushFileBuffers
CreateMutexA
GetSystemTimeAsFileTime
LCMapStringW
WriteConsoleW
SetHandleCount
GetModuleFileNameA
EnumSystemLocalesA
CloseHandle
GetStdHandle
IsValidCodePage
GetFileType
GetCurrentThread
GetConsoleCP
lstrcpy
FreeLibrary
ReadFile
GetLocaleInfoW
GetEnvironmentStringsW
SetVolumeLabelW
LeaveCriticalSection
GetTimeFormatA
GetOEMCP
EnterCriticalSection
GetLocaleInfoA
IsValidLocale
GetModuleHandleA
TlsAlloc
GetDateFormatA
VirtualFree
MultiByteToWideChar
LoadLibraryA
HeapSize
InterlockedIncrement
RtlUnwind
GetStringTypeA
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapCreate
HeapFree
DeleteCriticalSection
HeapDestroy
GetCurrentProcess
HeapAlloc
OpenMutexA
WideCharToMultiByte
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
CompareStringW
SetFilePointer
CreateFileA
QueryPerformanceCounter
GetCPInfo
TlsSetValue
GetStringTypeW
GetTimeZoneInformation
GetUserDefaultLCID
GetProcAddress
HeapReAlloc
Sleep
IsDebuggerPresent
GetStartupInfoA
GetModuleHandleW
SetEnvironmentVariableA
GetCurrentProcessId
CompareStringA
FreeEnvironmentStringsW
GetConsoleOutputCP
WriteConsoleA
TlsFree
GetConsoleMode
ExitProcess
VirtualQuery
SetStdHandle
TlsGetValue

comctl32

InitCommonControlsEx

gdi32

GetSystemPaletteUse
PlayMetaFile
SelectObject
DeleteDC
GetViewportOrgEx
GetDeviceCaps
GetPixelFormat
SetMetaRgn
CreateDCW

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddccea33190c13a789417ef5036690f6

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

gdi32

Sections

.text Size: 295KB - Virtual size: 294KB

.rdata Size: 80KB - Virtual size: 100KB

.data Size: 116KB - Virtual size: 115KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 295KB - Virtual size: 294KB

.rdata
Size: 80KB - Virtual size: 100KB

.data
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 8KB - Virtual size: 7KB