139b8dfccb72e3b13ace5145659cbf37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

139b8dfccb72e3b13ace5145659cbf37_JaffaCakes118
Size

292KB
MD5

139b8dfccb72e3b13ace5145659cbf37
SHA1

3f7c93496e6fa1ebad3cbcce174b84522f0d8706
SHA256

7979d706d6d0343d0b788f1278e1cd2710e469fb14c7db16db5c118b0abbb69e
SHA512

dc338c2c295045ee061e3af5afa12d8c8ed1120a869c9bc2b7a8b7e8490dd113196ca277957761d257e29f8d8aed0207797f6a2ad34f92f2d8b02cec28cd1f85
SSDEEP

6144:p6ILtl38hbNnKUqZ4NUegkNm7gg5UBkKWXrk5gYsvtY:p6IAb5KU+0UXkNtmJrrkGYs1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
139b8dfccb72e3b13ace5145659cbf37_JaffaCakes118

Files

139b8dfccb72e3b13ace5145659cbf37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e05506b6cdb4127afcc69ab9f217667

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
SetFileAttributesA
GetFileAttributesA
CloseHandle
WriteFile
CreateFileA
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpA
DeleteFileA
Sleep
WaitForSingleObject
LocalFree
GetShortPathNameA
OutputDebugStringA
ReadFile
SetEndOfFile
GetOEMCP
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
FlushFileBuffers
lstrcpynA
SetFilePointer
LoadLibraryA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
HeapSize
TerminateProcess
GetProcAddress
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
RtlUnwind
ExitProcess
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetLastError
InterlockedExchange
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
GetModuleHandleA
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetStdHandle

user32

GetWindowTextLengthA
SetWindowLongA
UnregisterClassA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
IsDialogMessageA
CreateDialogParamA
DefWindowProcA
CharNextA
PostMessageA
KillTimer
wsprintfA
CreateAcceleratorTableA
GetClassNameA
RedrawWindow
IsWindow
SendMessageA
SetFocus
GetFocus
IsChild
BeginPaint
EndPaint
GetSysColor
PostQuitMessage
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
SetCapture
ReleaseCapture
DestroyAcceleratorTable
CallWindowProcA
GetWindowTextA
SetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetDlgItem
ScreenToClient
DialogBoxParamA
GetWindowLongA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
EndDialog
SetTimer
GetActiveWindow

gdi32

GetStockObject
GetObjectA
BitBlt
CreateSolidBrush
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
CreateCompatibleDC
GetDeviceCaps

advapi32

RegCreateKeyA
SetNamedSecurityInfoA
GetNamedSecurityInfoA
LookupAccountNameA
SetEntriesInAclA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

shell32

SHChangeNotify
SHGetSpecialFolderPathA
ShellExecuteExA
SHGetFolderPathA
ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString

oleaut32

VarUI4FromStr
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringLen
SysFreeString

comctl32

InitCommonControlsEx

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e05506b6cdb4127afcc69ab9f217667

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 192KB - Virtual size: 189KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 192KB - Virtual size: 189KB