d39724b6b74dcf7a704f79f19e6d0527_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d39724b6b74dcf7a704f79f19e6d0527_JaffaCakes118
Size

330KB
MD5

d39724b6b74dcf7a704f79f19e6d0527
SHA1

1fc07507b989793111ab1706f5d91e7d99381e67
SHA256

d85f4d307c841ca90bc29dc1dea530755c89330439de9e450a9b637d30b530f3
SHA512

1e9bd40f774e39ce703e2919b1f07c2bbc2022a0358cba5765eba9c6bacae63f319989566dc460db77da498954306ebe7b96c2284fcd56d1b782a0e2d752053b
SSDEEP

3072:eHGs3FcVRCnjbUzYJ4zWpCuAoWhgV/02YxDcMlEHNK/IaOqAFsrJhP3Yle:I3FM4njbUXWpioBVs9xh0lvEbg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d39724b6b74dcf7a704f79f19e6d0527_JaffaCakes118

Files

d39724b6b74dcf7a704f79f19e6d0527_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36a8ebfb26064a26fdf82988f78daf91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BeginPath
CloseEnhMetaFile
CopyEnhMetaFileA
CreateBrushIndirect
CreateDIBSection
CreateFontIndirectW
CreateHatchBrush
CreateRectRgn
GetDIBits
GetDeviceCaps
GetEnhMetaFilePaletteEntries
GetObjectA
GetTextExtentPoint32W
GetWinMetaFileBits
OffsetRgn
PolyDraw
SetArcDirection
SetMapperFlags
SetMetaFileBitsEx
StartDocW
StretchDIBits
UnrealizeObject

shell32

DoEnvironmentSubstW
DragAcceptFiles
DragFinish
ExtractIconA
FindExecutableW
SHBrowseForFolderW
SHFileOperationA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoW
SHGetFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExW

user32

BeginPaint
CloseClipboard
DestroyIcon
DestroyWindow
DrawTextA
GetDC
GetMessagePos
GetScrollPos
GetSystemMenu
GetWindowPlacement
GetWindowTextA
InflateRect
InsertMenuItemA
IsWindow
MessageBoxA
OffsetRect
SendMessageA
ShowCursor
ShowWindow

advapi32

AllocateAndInitializeSid
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptCreateHash
CryptHashData
CryptReleaseContext
DeregisterEventSource
GetUserNameA
InitiateSystemShutdownA
LookupPrivilegeValueW
OpenSCManagerW
OpenThreadToken
RegCreateKeyExW
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegOpenKeyExW
RegQueryInfoKeyW
RevertToSelf
SetSecurityDescriptorDacl

comctl32

CreatePropertySheetPageA
CreateStatusWindowA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Create
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_SetDragCursorImage

kernel32

CopyFileA
ExitThread
FileTimeToLocalFileTime
GetCurrentProcessId
GetEnvironmentVariableA
GetFileSize
GetLocalTime
GetLocaleInfoW
GetPrivateProfileStringA
GetVersionExA
GlobalFindAtomA
GlobalHandle
HeapSize
LeaveCriticalSection
RaiseException
ReleaseMutex
TlsSetValue
VirtualQuery
WriteFile

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

HUTXzw3h
Size: 120KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36a8ebfb26064a26fdf82988f78daf91

Headers

File Characteristics

Imports

gdi32

shell32

user32

advapi32

comctl32

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

HUTXzw3h Size: 120KB - Virtual size: 140KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

HUTXzw3h
Size: 120KB - Virtual size: 140KB