39e1508c49bf72f98bd9623e10c36f95_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39e1508c49bf72f98bd9623e10c36f95_JaffaCakes118
Size

80KB
MD5

39e1508c49bf72f98bd9623e10c36f95
SHA1

63251026c3253a46286d03f89b53b89ba4213ff5
SHA256

4a3847428e2b291e54847dfef807f8daeedf70ec2ca8e887c96b7bdc339937ce
SHA512

00882f71e2db817968e7ec68ff9c1efbabf1f02e09274bb38e0190a978df4d63d6395ace37ad31d2f07a3408ebbb8f2f0204b76f8b47561fd3aa8c7771428262
SSDEEP

1536:oB+SWDuJkYyvOW/vGB6s00wt69uLeIVOVh:oBjWCJkYyvdvV/0wQ9uLXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39e1508c49bf72f98bd9623e10c36f95_JaffaCakes118

Files

39e1508c49bf72f98bd9623e10c36f95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

023a27b38a1f09ca538b3167ce3470ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Copy
ImageList_DragShowNolock
ImageList_Create
ImageList_Draw
ImageList_DragLeave
ImageList_LoadImageA
ImageList_AddMasked
ImageList_DrawEx
ImageList_LoadImageW
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_DragEnter
InitCommonControls
ImageList_EndDrag

user32

DrawTextW
DrawIconEx
GetDC
CopyRect
InsertMenuA
CloseWindow
GetFocus
BlockInput
AlignRects
GetWindowTextA
CalcMenuBar
AppendMenuW
IsMenu
DialogBoxParamA
DrawTextA
GetCursor
GetMenu
CreateIcon
IsWindow
CopyIcon

kernel32

GetCommandLineA
GetStdHandle
lstrcmpiA
GetFileSize
CloseHandle
GetLocalTime
GetLastError
SetLastError
HeapAlloc
HeapFree
GetFileType
GlobalFree
lstrlenA
DeleteFileA
GetFullPathNameA
WideCharToMultiByte
Sleep

advapi32

RegEnumValueA
RegFlushKey
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyW
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExW
RegQueryValueA
RegEnumKeyExW
RegGetKeySecurity
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumValueW
RegLoadKeyW
RegReplaceKeyW

gdi32

GetBrushOrgEx
CloseMetaFile
GetBitmapBits
GetCurrentPositionEx
GetPixel
AbortPath
AddFontResourceExW
ExcludeClipRect
ClearBitmapAttributes
DeleteDC
SetTextColor
AddFontResourceW
CopyMetaFileA
AddFontMemResourceEx
BitBlt
RestoreDC
CreateSolidBrush
DeleteObject
CancelDC
CloseFigure

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 3KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 431B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

023a27b38a1f09ca538b3167ce3470ff

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 60KB - Virtual size: 58KB

.rdata Size: 4KB - Virtual size: 93KB

.INIT Size: 3KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 431B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 60KB - Virtual size: 58KB

.rdata
Size: 4KB - Virtual size: 93KB

.INIT
Size: 3KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 431B