39db4db5992df124f139e4bfb940b9a4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39db4db5992df124f139e4bfb940b9a4_JaffaCakes118
Size

1.7MB
MD5

39db4db5992df124f139e4bfb940b9a4
SHA1

5eaba4919971c09264ac50018b61dc276fb6b709
SHA256

945f5269c077f49ea221e54cca2d3635704336a72240d869a77bbdb796cb2e7c
SHA512

a277babfafe15fe19ea35435bb471a29475d35a6cd5a722082d6e4ffa0786b059534e01f2578fa7ef5688c24efb82ae2c2c38a70dd086d09fe853778357e332f
SSDEEP

24576:2R3XdK55EIK281H2ijFi98NrwnR9vW1T/GKILEhIEaFZAeVCVmsr8tsXGPKQGB3c:2ZdjXXVxiKNknR9vWhGyevNS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39db4db5992df124f139e4bfb940b9a4_JaffaCakes118

Files

39db4db5992df124f139e4bfb940b9a4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

516cb5cfe5724934fe66402a06662c46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

userenv

FreeGPOListW
GetProfilesDirectoryW
ord152
ord141
ord142
ord127
ord175
LoadUserProfileW
LeaveCriticalPolicySection
ord135
CreateEnvironmentBlock
GetUserProfileDirectoryA
ord146
GetDefaultUserProfileDirectoryW
UnregisterGPNotification
RegisterGPNotification
EnterCriticalPolicySection

ole32

OleRegGetUserType
CoGetCallerTID
PropSysAllocString
StgSetTimes
CoMarshalInterface
OleIsRunning
PropSysFreeString
ReleaseStgMedium
CoGetObjectContext

msvcrt

__p__commode
sprintf
towupper
__setusermatherr
_fsopen
_mbsrchr
exit
_read
_CIasin
_acmdln
_CIpow
__p__environ
_ismbblead
wcstombs
calloc
__lc_collate_cp

kernel32

GetCurrentThreadId
SetLocaleInfoA
GetCurrencyFormatW
WriteProfileStringA
MulDiv
GetSystemInfo
GetConsoleAliasExesW
InterlockedDecrement
GetTempPathA
MapViewOfFileEx
GetProcessTimes
SignalObjectAndWait
GetCurrentProcessId
FindResourceW
GetVersion
HeapCreate
VirtualAlloc
GetFileAttributesW
SetHandleCount
GetModuleHandleW
GetProcessHeaps
WideCharToMultiByte
GetCommandLineW

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 861KB - Virtual size: 929KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 779KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

516cb5cfe5724934fe66402a06662c46

Headers

DLL Characteristics

File Characteristics

Imports

userenv

ole32

msvcrt

kernel32

Sections

.text Size: 89KB - Virtual size: 89KB

.CRT Size: 5KB - Virtual size: 72KB

.orpc Size: 861KB - Virtual size: 929KB

.data Size: 779KB - Virtual size: 847KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 89KB - Virtual size: 89KB

.CRT
Size: 5KB - Virtual size: 72KB

.orpc
Size: 861KB - Virtual size: 929KB

.data
Size: 779KB - Virtual size: 847KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 2KB