39f98e61bf931d8cf40850fa11228ed1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39f98e61bf931d8cf40850fa11228ed1_JaffaCakes118
Size

96KB
MD5

39f98e61bf931d8cf40850fa11228ed1
SHA1

1b1a99a3223ad4992aa913d54202bc1628c3e638
SHA256

b3faf0ef380ee984a12dff26f615ad6b9d457b51345035203a2b707a753499c2
SHA512

e385d1d688fde1906344eb1d662e327bca5383c6a144c9d405988d00acc93daaae8bdbe9c710f90d6a193a3d581331a35cd243db1bea4297ead49951c8e7d340
SSDEEP

1536:6iPS2HfY/NaAg8QPAiPS2HfY/NaAg8QPAiPS2HfY/NaAg8QPAiPS2HfY/NaAg8QP:6iPSrfrqAiPSrfrqAiPSrfrqAiPSrfrq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f98e61bf931d8cf40850fa11228ed1_JaffaCakes118

Files

39f98e61bf931d8cf40850fa11228ed1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a6181bce21ea58c6ca8d912db2c3f43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptFormatObject

msvcrt

_initterm
_adjust_fdiv
__CxxFrameHandler
free
wcslen
malloc

shlwapi

StrNCatW
StrCpyNW
StrDupW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

kernel32

LeaveCriticalSection
GetCurrentProcess
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualAlloc
GetCurrentProcessId
LocalAlloc
DeleteCriticalSection
LocalFree
lstrlenW
EnterCriticalSection
GetLastError
GetCurrentThreadId
IsBadWritePtr
GetTickCount
AddAtomW
InterlockedDecrement
TerminateProcess
Sleep
UnhandledExceptionFilter
SetLastError
InterlockedIncrement
InitializeCriticalSection
DisableThreadLibraryCalls
MulDiv

gdi32

PaintRgn
SetWindowExtEx
SelectObject
CreateFontW
ExtTextOutW
SetMapMode
LineTo
SetViewportExtEx
SetBkColor
CreateSolidBrush
DeleteDC
SetTextColor
CreateCompatibleDC
GetRgnBox
DPtoLP
MoveToEx
SetViewportOrgEx
DeleteObject
SetBkMode
Ellipse
SetDCPenColor
GetStockObject
GetMapMode
CreatePolygonRgn
BitBlt
CreatePenIndirect
GetDeviceCaps

user32

UnregisterDeviceNotification
GetClientRect
InvalidateRect
CreateWindowExW
GetDlgItem
DestroyWindow
UnregisterClassW
SendMessageW
GetDlgCtrlID
GetDC
GetWindowTextW
GetCursorPos
DefWindowProcW
BeginPaint
ReleaseDC
EnableWindow
IsWindow
ScreenToClient
GetParent
SetRect
RedrawWindow
DrawTextW
DrawIconEx
LoadStringW
SetTimer
PostMessageW
SendDlgItemMessageW
SetWindowPos
GetSysColor
DestroyIcon
IsWindowVisible
GetWindowLongW
GetMessageTime
EndPaint
MapWindowPoints
RegisterDeviceNotificationW
GetWindowDC
GetSystemMetrics
MessageBoxW
ChildWindowFromPoint
SetWindowLongW
KillTimer
RegisterClassExW
GetWindowRect
LoadImageW
wsprintfW
WinHelpW

Sections

.text
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a6181bce21ea58c6ca8d912db2c3f43

Headers

File Characteristics

Imports

crypt32

msvcrt

shlwapi

advapi32

kernel32

gdi32

user32

Sections

.text Size: 512B - Virtual size: 404B

.rsrc Size: 13KB - Virtual size: 13KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 5KB

.text
Size: 512B - Virtual size: 404B

.rsrc
Size: 13KB - Virtual size: 13KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 5KB