39f951e02f3d8617c151f6a3aa1a3b81_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39f951e02f3d8617c151f6a3aa1a3b81_JaffaCakes118
Size

37KB
MD5

39f951e02f3d8617c151f6a3aa1a3b81
SHA1

336101b456e8ae20b6b8bacb369797e4f7449de9
SHA256

40938eaedda8abe20ead6d492e0e08473daca8c1e196217cc7320787584e8936
SHA512

2358556a7cf4ad873735eecf16e6289148f262e5d3897d622d6501241a77c06bf2a8a609f3c599353c825ea83025d55fd3ca80441813f809364e1da6a737c3dd
SSDEEP

768:4febGZXax1lt+zHWPAU+wiP+/McwuIFp7nhvKpYmLC4lxX43YnlV:4febGZXax1qUAdH+0cIFprhypYEDl7lV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f951e02f3d8617c151f6a3aa1a3b81_JaffaCakes118

Files

39f951e02f3d8617c151f6a3aa1a3b81_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6aad67a7cd7648fe6e4b9c82e95eca3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

CharNextA
DispatchMessageW
GetWindowRect
EndDialog
CharNextW
DialogBoxParamW
CharUpperW
GetDC
ExitWindowsEx
GetDlgItem
DestroyWindow
CreateDialogParamW
GetDlgItemTextW
EnableWindow
ReleaseDC
GetDesktopWindow
GetSystemMetrics
PeekMessageW
ShowWindow
MessageBoxW
MsgWaitForMultipleObjects
MessageBeep
IsWindow
SendMessageW
CharPrevW
SetWindowTextW
UpdateWindow
SetWindowPos
LoadStringW
SetDlgItemTextW
SendDlgItemMessageW
OemToCharA

rpcrt4

RpcStringFreeW

ntdll

NtAllocateVirtualMemory
NtLoadKey

gdi32

GetStockObject
DeleteObject
CreateFontIndirectW
GetObjectW
GetDeviceCaps

msvcrt

memcpy
_initterm
_vsnwprintf
_ultow
_XcptFilter
_amsg_exit
free
_adjust_fdiv
__p__fmode
malloc
_wcsnicmp
_wtoi
memset
memmove
__p__commode
_setjmp3
_vsnprintf
_wtol
_wcsicmp

advapi32

RegUnLoadKeyW
RegCloseKey
RegLoadKeyW
RegQueryValueExA
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueW
RegQueryValueExW
FreeSid
RegSetValueW
EqualSid
RegQueryInfoKeyW
IsValidSecurityDescriptor
AllocateAndInitializeSid
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
RegDeleteKeyW
GetSecurityDescriptorControl
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegSaveKeyW
GetTokenInformation

shlwapi

StrChrW
PathBuildRootW
PathAppendW
PathAddBackslashW
PathFileExistsW
StrRChrW
StrStrIW
PathCombineW
PathRemoveFileSpecW

setupapi

SetupFindNextLine
SetupCloseInfFile
SetupDefaultQueueCallbackW
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupSetDirectoryIdW
SetupGetLineTextW
SetupFindFirstLineW
SetupGetStringFieldW
SetupQueueCopyW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupCommitFileQueueW
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenInfFileW

kernel32

GetUserDefaultUILanguage
FindFirstFileW
UnhandledExceptionFilter
GetVolumeInformationW
CompareStringW
CreateDirectoryW
FindNextFileW
Sleep
ExpandEnvironmentStringsW
SetUnhandledExceptionFilter
FindResourceExW
FreeLibrary
GetFileTime
GetDriveTypeW
DisableThreadLibraryCalls
WriteFile
GetDiskFreeSpaceW
TerminateProcess
GetSystemDefaultUILanguage
lstrcmpiW
GetCurrentProcess
GetPrivateProfileSectionW
FindResourceW
QueryPerformanceCounter
ReadFile
LocalFree
SetFilePointer
GetModuleHandleW
SearchPathW
LoadLibraryW
RtlUnwind
lstrlenA
GetVersionExW
GetWindowsDirectoryW
MoveFileW
GetShortPathNameW
SizeofResource
GetSystemTimeAsFileTime
SetLastError
SetFileTime
InterlockedExchange
GetFileAttributesW
lstrcmpiA
lstrcmpW
GetSystemDirectoryW
GetLocalTime
UnmapViewOfFile
GetFullPathNameW
GetPrivateProfileIntW
GetEnvironmentVariableW
MapViewOfFile
WideCharToMultiByte
GetCurrentThreadId
InterlockedCompareExchange
GetCurrentProcessId
GetFileSize
GetTickCount
CloseHandle
CreateFileMappingW
LoadLibraryExW
CopyFileW
MoveFileExW
GetModuleFileNameW
GetSystemInfo
LockResource
DeleteFileW
CreateProcessW
GetTempFileNameW
FormatMessageW
ExitProcess
EnumResourceLanguagesW
SetFileAttributesW
lstrlenW
GetProcAddress
CreateFileW
GetProfileStringW
GetStartupInfoA
MulDiv
MapViewOfFileEx
GetTempPathW
FindClose
WritePrivateProfileStringW
MultiByteToWideChar
LocalReAlloc
GetPrivateProfileStringW
WritePrivateProfileSectionW
GetLastError

ole32

OleInitialize
CoTaskMemFree
OleUninitialize

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6aad67a7cd7648fe6e4b9c82e95eca3b

Headers

DLL Characteristics

File Characteristics

Imports

version

user32

rpcrt4

ntdll

gdi32

msvcrt

advapi32

shlwapi

setupapi

kernel32

ole32

Sections

.text Size: 8KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 36B

.rsrc Size: 145KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 360KB

.text
Size: 8KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 36B

.rsrc
Size: 145KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 360KB