Static task
static1
Behavioral task
behavioral1
Sample
139c5f570e5ef98cb017b4bb45127a79_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
139c5f570e5ef98cb017b4bb45127a79_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
139c5f570e5ef98cb017b4bb45127a79_JaffaCakes118
Size
100KB
MD5
139c5f570e5ef98cb017b4bb45127a79
SHA1
4d5ab12d38951ec27af4a24c3717280d8be110b4
SHA256
d493ff9bd1439d013a1bad9de910bca53d48612655ec2a7a4ae48efd99983da1
SHA512
11eb178a59051876018cce9ba5eafb40cf9fb10a0896c9507bfc9052596c8209b5dc3ea61f8ad5e1b65b9361dc4e94d19f017b44ee97995e62a69e7c401e2f31
SSDEEP
3072:n25iYguMRe3zQ8z06kXjECWLcyxl/usk8ECudQW:OiYRMRUzvo8Lc+ljknQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 139c5f570e5ef98cb017b4bb45127a79_JaffaCakes118
Files
139c5f570e5ef98cb017b4bb45127a79_JaffaCakes118.exe windows:5 windows x86 arch:x86
4a46ae3e55b491c8bfa5d8894ae533c8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CheckDlgButton
GetDC
GetDlgItemInt
IsRectEmpty
SetCursor
PeekMessageW
ShowWindow
SetDlgItemTextW
ClientToScreen
SetWindowLongW
DefWindowProcW
GetAsyncKeyState
ReleaseDC
EnableWindow
MoveWindow
CreateDialogParamW
TranslateMessage
IsWindow
LoadCursorW
SetDlgItemInt
GetWindowRect
DestroyWindow
GetDesktopWindow
IsWindowVisible
GetClientRect
CheckRadioButton
GetWindowLongW
wsprintfW
DispatchMessageW
LoadStringW
SendMessageW
GetDlgItem
InvalidateRect
kernel32
GetStartupInfoA
GetFileSize
LoadLibraryW
GetCurrentProcess
EnterCriticalSection
CreateSemaphoreW
GetFileAttributesW
VirtualFree
CloseHandle
MultiByteToWideChar
InterlockedExchange
GetModuleFileNameA
IsBadCodePtr
SetUnhandledExceptionFilter
lstrlenW
GetQueuedCompletionStatus
HeapAlloc
GetCPInfo
lstrlenA
GetVersionExW
ResetEvent
GlobalUnlock
GetFullPathNameW
SetThreadPriority
GlobalMemoryStatus
GlobalFree
SetFilePointer
InitializeCriticalSection
OutputDebugStringA
QueryPerformanceCounter
IsBadWritePtr
DeleteFileW
HeapFree
GetSystemTimeAsFileTime
InterlockedDecrement
lstrcpyA
ReadFile
CreateEventW
FreeLibrary
GetProcessHeap
GetSystemInfo
GlobalHandle
WideCharToMultiByte
SetEndOfFile
GetPrivateProfileStringW
CreateThread
ReleaseSemaphore
GetThreadPriority
lstrcmpiW
DeleteCriticalSection
InterlockedIncrement
IsBadHugeReadPtr
PostQueuedCompletionStatus
GetTickCount
GetCurrentThread
WaitForSingleObject
GetCurrentProcessId
LeaveCriticalSection
GetEnvironmentStringsW
lstrcpynW
lstrcmpW
WriteFile
CreateFileW
lstrcpyW
GetLastError
MulDiv
GetSystemDefaultLangID
WaitForMultipleObjects
GlobalAlloc
GetDiskFreeSpaceW
GetProfileIntA
IsBadReadPtr
CreateIoCompletionPort
GlobalLock
SetEvent
winmm
waveInReset
waveInStart
mixerGetID
waveInPrepareHeader
mixerOpen
waveInGetDevCapsW
waveInOpen
waveInClose
waveInUnprepareHeader
SendDriverMessage
mixerGetControlDetailsW
waveInStop
mixerSetControlDetails
mixerGetLineInfoW
mixerGetLineControlsW
mixerClose
waveInAddBuffer
CloseDriver
OpenDriver
msvfw32
ICCompress
ICClose
ICLocate
ICGetInfo
ICOpen
ICSendMessage
ICDecompress
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
advapi32
RegSetValueExW
RegSetValueW
RegQueryValueExW
RegCloseKey
RegCreateKeyW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
gdi32
SelectObject
GetStockObject
GetTextExtentPoint32W
PatBlt
GetPaletteEntries
GetObjectW
msvcrt
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
wcslen
_except_handler3
ole32
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
Sections
.text Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ