Static task
static1
Behavioral task
behavioral1
Sample
39d452d7ecccdb9e8e4d6ae3fb6c6eed_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
39d452d7ecccdb9e8e4d6ae3fb6c6eed_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 39d452d7ecccdb9e8e4d6ae3fb6c6eed_JaffaCakes118
Size: 322KB
MD5: 39d452d7ecccdb9e8e4d6ae3fb6c6eed
SHA1: c39cba801bd82bd781c4a82b7953f61560cd5abd
SHA256: 651eb3f38115b5b47bbf85032f326efbe789cf4076002c0575c873cac25aebe3
SHA512: 322d4263f6a0e4d14312ae13886a7bdc424aca04c1103f2bd99fdc940fb3448f2c95b7875a750bbe2a83919d966d20c5c9ee7fc6e496851d83dce09f76c8976a
SSDEEP: 6144:iAMaFD7fnWz52+vj02JBxbqzu9R1zCFB747ogl:ina1rWzz7dbqzu9R1zCv8cy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 39d452d7ecccdb9e8e4d6ae3fb6c6eed_JaffaCakes118
Files
39d452d7ecccdb9e8e4d6ae3fb6c6eed_JaffaCakes118.exe windows:4 windows x86 arch:x86
c54e4137810318af3ee16d0675d57b10
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDateFormatA
GetModuleFileNameA
WideCharToMultiByte
FlushFileBuffers
EnterCriticalSection
GetStartupInfoW
GetVersionExA
OpenMutexA
RemoveDirectoryW
GetStringTypeW
HeapSize
GetStringTypeA
OpenProcess
GetACP
GetCurrentProcessId
MultiByteToWideChar
GetCommandLineW
GetFileType
VirtualAlloc
GetCPInfo
TlsGetValue
InitializeCriticalSection
CompareStringW
GetLocaleInfoW
ExitProcess
GetExitCodeProcess
TerminateProcess
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
HeapAlloc
EnumCalendarInfoW
SetLastError
GetCurrentProcess
HeapReAlloc
LeaveCriticalSection
GetEnvironmentStrings
TlsFree
TlsAlloc
GetModuleHandleA
IsValidLocale
GetOEMCP
lstrcpynW
TlsSetValue
FindNextFileW
VirtualProtect
TransactNamedPipe
HeapFree
GetLastError
LoadModule
CompareStringA
GetCurrentThread
DeleteCriticalSection
EnumSystemLocalesA
GetCurrentThreadId
GetDiskFreeSpaceExA
WaitNamedPipeA
VirtualFree
GetTickCount
GetNamedPipeInfo
CreateMutexA
IsBadWritePtr
CloseHandle
SetEnvironmentVariableA
GetModuleFileNameW
VirtualQuery
GetCommandLineA
GetEnvironmentStringsW
HeapDestroy
RtlUnwind
GetSystemInfo
GetProcAddress
UnhandledExceptionFilter
SetHandleCount
LCMapStringW
ReadFile
FreeEnvironmentStringsA
LCMapStringA
SetConsoleCP
GetLocaleInfoA
EnumTimeFormatsA
LoadLibraryA
GetTimeZoneInformation
SetFilePointer
InterlockedExchange
GetStdHandle
QueryPerformanceCounter
SetStdHandle
GetTimeFormatA
GetUserDefaultLCID
FillConsoleOutputCharacterA
GetStartupInfoA
IsValidCodePage
WriteFile
HeapCreate
comctl32
InitCommonControlsEx
shell32
ShellExecuteExA
SHFormatDrive
ShellExecuteExW
ExtractAssociatedIconExA
user32
DdeNameService
DdeClientTransaction
ToUnicode
OemToCharA
SetKeyboardState
UnhookWinEvent
MessageBoxIndirectW
RegisterClassExA
OpenIcon
RegisterWindowMessageA
BeginDeferWindowPos
GetKeyboardLayoutNameA
GetClassWord
DrawStateA
SetParent
GetUserObjectInformationA
RegisterClassA
BeginPaint
CreateWindowExW
DdeCmpStringHandles
GetNextDlgGroupItem
CreateDesktopA
EnableWindow
wvsprintfA
GetClassInfoW
CreateIcon
advapi32
CryptSetProvParam
CryptGetHashParam
RegDeleteKeyW
InitializeSecurityDescriptor
CryptSetKeyParam
CryptReleaseContext
StartServiceW
RegEnumKeyExW
RegCreateKeyA
LookupPrivilegeDisplayNameW
RegRestoreKeyA
CryptAcquireContextA
RegDeleteValueW
RegEnumKeyExA
CryptSetHashParam
CryptDecrypt
GetUserNameW
CryptDestroyKey
Sections
.text Size: 158KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ