39e2e98eee46f3f0b295630b9005db3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39e2e98eee46f3f0b295630b9005db3c_JaffaCakes118
Size

564KB
MD5

39e2e98eee46f3f0b295630b9005db3c
SHA1

9b86bdf38bb8b4c76fb6ba812fd3403d073fb14f
SHA256

0a4b9895fd0b65d53f34a2a7109f11cb796bf9268763fa875911e4e6aad0797b
SHA512

75c3bb397b87bb81443eccad437f6d394ce2be9fd20d702ab5537e8191675e23e80c4167ed5e1989821ba998dc0153502c66129ec4c11ee79d348c419c837619
SSDEEP

12288:5hOmCVBe5Kne62FxxNCSRwY3oJdewXlOHS0FJgHbxEh:52VBMKWASmY3qedymob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39e2e98eee46f3f0b295630b9005db3c_JaffaCakes118

Files

39e2e98eee46f3f0b295630b9005db3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ad5dc998c47dfdc94ed8ef4388a1409

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkMode
GetDeviceCaps
GetStockObject
SetBkColor
SetTextColor
SelectObject
DeleteObject
BitBlt
DeleteDC

advapi32

RegQueryValueExW
OpenProcessToken
GetTokenInformation
RegDeleteValueA
RegOpenKeyExA
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoA

oleaut32

VariantClear
SysAllocString
SysStringLen

kernel32

RtlUnwind
InterlockedIncrement
SetEndOfFile
RaiseException
FindResourceA
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
GetStringTypeA
WriteConsoleW
SetEvent
GetCPInfo
IsValidCodePage
ResetEvent
TlsFree
UnmapViewOfFile
GetLocalTime
GetProcAddress
GetStartupInfoW
FindNextFileW
SetFileAttributesA
SetStdHandle
TerminateProcess
DuplicateHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
GetSystemInfo
InitializeCriticalSection
FindClose
VirtualProtect
DeleteFileA
GetStartupInfoA
GetModuleHandleA
UnhandledExceptionFilter
DeleteCriticalSection
GetVersionExA
DeleteFileW
FreeEnvironmentStringsW
SetLastError
WriteConsoleA
GetSystemDirectoryA
GetWindowsDirectoryA
ReleaseMutex
InterlockedExchange
LeaveCriticalSection
lstrcpyA
GetStringTypeW
QueryPerformanceCounter
ReadFile
CreateProcessW
CreateProcessA
GlobalUnlock
GlobalFree
GlobalAlloc
GetConsoleMode
FindNextFileA
InterlockedCompareExchange
CompareStringA
WriteFile
HeapFree
MultiByteToWideChar
WideCharToMultiByte
GetDriveTypeA
GetEnvironmentStringsW
GetCommandLineW
TlsSetValue
HeapReAlloc
IsBadWritePtr
GetConsoleOutputCP
HeapAlloc
CreateFileW
HeapDestroy
CreateFileMappingA
GetCurrentProcess
FindResourceW
LoadLibraryW
RemoveDirectoryA
CloseHandle
HeapCreate
IsDebuggerPresent
EnterCriticalSection
VirtualFree
VirtualAlloc
GlobalLock
Sleep
SetEnvironmentVariableA
TlsGetValue
CompareStringW
lstrlenW
WaitForSingleObject
WritePrivateProfileStringA
MapViewOfFile
VirtualQuery
WaitForMultipleObjects
FormatMessageA
CreateDirectoryA
GetModuleFileNameA
SetHandleCount
GetOEMCP
GetCurrentDirectoryA
GetFileSize
GetProcessHeap
GetLastError
GetStdHandle
GetTickCount
CreateEventA
FreeLibrary
GetModuleHandleW
GetSystemTimeAsFileTime
GetPrivateProfileStringA
TlsAlloc
GetCurrentThread
LoadLibraryExW
GetFileType
CreateThread
CreateMutexA
LCMapStringW
GetLocaleInfoA
lstrlenA
GetConsoleCP
GetFileAttributesA
FlushFileBuffers
FindFirstFileA
SetErrorMode
GetEnvironmentVariableA
GetCurrentProcessId
GetCommandLineA
LockResource
LoadResource
LocalFree
LocalAlloc
HeapSize
GetACP
CreateFileA
FindFirstFileW
GetVersion
GetTempPathA
FormatMessageW
GetModuleFileNameW
SizeofResource
LoadLibraryA
GetTimeZoneInformation
FileTimeToSystemTime
GetFileAttributesW
InterlockedDecrement
LCMapStringA
lstrcmpA
SetFilePointer
GetThreadLocale
GetCurrentThreadId
ExitProcess

user32

GetParent
BeginPaint
GetSystemMetrics
EnableMenuItem
UpdateWindow
DestroyWindow
RegisterClassA
GetClientRect
LoadBitmapA
TrackPopupMenu
SetCursor
SetForegroundWindow
DefWindowProcA
PeekMessageA
MoveWindow
SetWindowPos
ShowWindow
LoadCursorA
LoadIconA
IsWindowVisible
EndDialog
DispatchMessageA
EndPaint
SendMessageA
KillTimer
SetWindowTextA
SetWindowLongA
ClientToScreen
IsWindow
GetWindowLongA
PostQuitMessage
LoadStringA
ReleaseCapture
SetTimer
FillRect
GetDC
GetWindowRect
CreateWindowExA
SetCapture
ReleaseDC
MessageBoxA
CheckMenuItem
ScreenToClient
GetFocus
GetCursorPos
EnableWindow
TranslateMessage
MapWindowPoints
SetFocus
GetDesktopWindow
InvalidateRect
GetWindow
GetDlgItem
GetSysColor
DrawTextA

Sections

.text
Size: 484KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ad5dc998c47dfdc94ed8ef4388a1409

Headers

File Characteristics

Imports

gdi32

advapi32

version

oleaut32

kernel32

user32

Sections

.text Size: 484KB - Virtual size: 482KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 28KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 688B

.text
Size: 484KB - Virtual size: 482KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 28KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 688B