039e60eff731c85fce5ff4bf111a1d33_JaffaCakes118

General

Target

039e60eff731c85fce5ff4bf111a1d33_JaffaCakes118
Size

65KB
MD5

039e60eff731c85fce5ff4bf111a1d33
SHA1

6f774d5c3f8690591be7a516ca4e12915d105c78
SHA256

51cedcfa825a073ffa4a727559fadd2989d1a4f0b960b5c7440befa9101505d3
SHA512

9c74a21b64ec4467c0dd3939c9cc9733b2faff965e0890c0945d099180a4deaa5e372b432af760c19297fdba310f90c0b3fcd471aa517414d57e30a8f17d95fc
SSDEEP

1536:WQQunHMLENNbSHYNiItOgBiOknI7w5vpUWZHtPFwJf25n:WmnHfNNgKbwZaiqewJe5n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
039e60eff731c85fce5ff4bf111a1d33_JaffaCakes118

Files

039e60eff731c85fce5ff4bf111a1d33_JaffaCakes118
.exe windows:1 windows x86 arch:x86

fa2ecfca416bc9314ed66569359967f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetSystemInfo
GetFileAttributesA
GetSystemTimeAsFileTime
CloseHandle
GetFileTime
TlsFree
DeviceIoControl
TlsGetValue
IsBadReadPtr
LockResource
VirtualQueryEx
GetLastError
ReadProcessMemory
WriteConsoleW
TerminateThread
PulseEvent
OpenProcess
GetCurrentDirectoryA
GetModuleHandleA
GetOEMCP
GetProcAddress
CompareStringA
GetStartupInfoA
SetEvent
ExitProcess

msvcrt

_stricmp
_ismbbpunct
_adj_fpatan
__p__commode
__set_app_type
_mbctoupper
_itow
_wenviron
_initterm
_amsg_exit
strcoll
_wcsnset
_setjmp3
__setusermatherr
gmtime
_putws
_ismbchira
_controlfp
atan
fgetpos
_copysign
_except_handler3
_filelengthi64
memcpy
_dup
_strncoll
ceil
strstr
_exit
_mbsnbcoll
_scalb
__p__fmode
_wstat64
_lseek
frexp
_spawnl
_adjust_fdiv
wcscoll
_wgetenv
_mbscoll
_wfindnext64
_acmdln
mktime
asctime
scanf
exit
__getmainargs
_XcptFilter

gdi32

GetObjectA
GetBkMode
DeleteDC
RectInRegion
SetBkColor
GetBkColor
SetTextAlign
BitBlt
EndPage
GetTextMetricsA
SelectObject
DeleteObject
StartDocA
CreateCompatibleDC
SaveDC
StartPage
SetROP2
ExtTextOutA
CreateRectRgnIndirect
SetTextColor

user32

IsDlgButtonChecked
MessageBoxA
CheckMenuItem
GetClassNameA
FindWindowA
SetTimer
ShowWindow
EnumChildWindows
EndDeferWindowPos
IsZoomed
GetWindowRect
GetPropA
GetUpdateRgn
ExitWindowsEx
DeleteMenu
GetWindowTextA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa2ecfca416bc9314ed66569359967f3

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 104KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 104KB

.rsrc
Size: 33KB - Virtual size: 32KB