39c891086f0dbc9a79bf01aa28a488c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39c891086f0dbc9a79bf01aa28a488c3_JaffaCakes118
Size

144KB
MD5

39c891086f0dbc9a79bf01aa28a488c3
SHA1

af1950d6800a7a984d84311c6c8ad00c206b9448
SHA256

1f64aad2ffaceb402d43393a55f17d3577cd90942d1c8c1aadf8187f9f593c70
SHA512

f67141e63253fa12a06e6bac810d1d6bf2ef77611fc9a5243cc9dff6449029b707f77b0a64c526dbef6895831dd7a48d988fbe67c1f1e1bcd596ccf799fe49c0
SSDEEP

3072:XBGM8cmrYaCCTcoiz8Yat7PsPHrUyGPwrrlFOcB:XBGM8J0ic9z8Yk7kAyfPZB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c891086f0dbc9a79bf01aa28a488c3_JaffaCakes118

Files

39c891086f0dbc9a79bf01aa28a488c3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8d6299e903b308057808be855961c4cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
FindFirstFreeAce
GetManagedApplications
RegCloseKey
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegSetValueExA
StartTraceW

gdi32

DrawEscape
SetTextAlign
UpdateColors
CombineRgn

kernel32

VirtualAlloc
GetCommandLineW
DisableThreadLibraryCalls
GetShortPathNameA
_lopen
DeleteCriticalSection
EnterCriticalSection
FindResourceA
FindResourceW
FreeLibrary
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetSystemDefaultLangID
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
IsBadWritePtr
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
MultiByteToWideChar
SetLastError
SetThreadLocale
SizeofResource
WideCharToMultiByte
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
CompareStringW
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
SetEnvironmentVariableA
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
HeapSize
LoadLibraryA
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
GetCPInfo
GetOEMCP
GetCurrentThreadId
GetCommandLineA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
FatalAppExitA
GetACP

ole32

OleCreateEmbeddingHelper
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateObjectInContext
CoCreateInstance
StringFromCLSID

oleaut32

VarDecFromUI2
VarUI4FromDisp
VectorFromBstr

rpcrt4

RpcBindingInqAuthInfoExA
NdrDllUnregisterProxy
RpcBindingInqAuthClientExA
RpcIfIdVectorFree
UuidHash

user32

CallMsgFilter
CharNextW
DlgDirSelectComboBoxExA
GetWindowLongA
GetWindowPlacement
IsCharAlphaNumericA
LoadStringA
LoadStringW
PeekMessageW

Exports

Exports

Tljkjrl

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d6299e903b308057808be855961c4cd

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB