39af90f1c3557cb79705b1e0d24dfb08_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39af90f1c3557cb79705b1e0d24dfb08_JaffaCakes118
Size

49KB
MD5

39af90f1c3557cb79705b1e0d24dfb08
SHA1

5926c3f114520394272f1acf8513e961b5b53d3b
SHA256

dcca8e7fa8697cebc7b959fb1f3ca39cf7a0cc94d87932abaa9760f5dd094339
SHA512

45868563b5e133c6da5cc30a922239038884efe41467c081d46e8eab228c8183e911fed9ce525fee4e708fed7b7a6b3a74a1876bf36a71487f86e4c3a1a84305
SSDEEP

1536:D9BmDxRlFQAZBZiB4W3AbQEr5thIsmJcaQo:B0DDlnBZS3AMkzJmeaQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39af90f1c3557cb79705b1e0d24dfb08_JaffaCakes118

Files

39af90f1c3557cb79705b1e0d24dfb08_JaffaCakes118
.exe windows:5 windows x86 arch:x86

353845c2e9197d82c038085cf0d8dcef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenuDefaultItem
TrackPopupMenu
CreateCaret
DdeClientTransaction
TileChildWindows
SetWindowWord
SetDlgItemInt
UpdateLayeredWindow
GetTabbedTextExtentA
CreateDialogIndirectParamW
SetWindowLongW
UnionRect
GetForegroundWindow
ModifyMenuA
CreateWindowExW
DefWindowProcW
LoadImageA
WindowFromPoint
RegisterRawInputDevices
GetCursorFrameInfo

msvcirt

??0filebuf@@QAE@HPADH@Z
??1strstreambuf@@UAE@XZ
??0istream@@IAE@ABV0@@Z
?pbump@streambuf@@IAEXH@Z
??_Dstdiostream@@QAEXXZ
?write@ostream@@QAEAAV1@PBCH@Z
??4stdiostream@@QAEAAV0@AAV0@@Z
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
??_7ios@@6B@
?get@istream@@QAEAAV1@PAEHD@Z
??5istream@@QAEAAV0@PAVstreambuf@@@Z
??_7iostream@@6B@
??0streambuf@@IAE@PADH@Z
?ipfx@istream@@QAEHH@Z
?read@istream@@QAEAAV1@PACH@Z
?get@istream@@QAEAAV1@AAE@Z
?in_avail@streambuf@@QBEHXZ
?text@filebuf@@2HB
??_Gstreambuf@@UAEPAXI@Z
??_8ofstream@@7B@
??0ifstream@@QAE@PBDHH@Z
??_7ifstream@@6B@
?bad@ios@@QBEHXZ
?stossc@streambuf@@QAEXXZ
??_Gexception@@UAEPAXI@Z
??0ifstream@@QAE@HPADH@Z
??_Eexception@@UAEPAXI@Z
??6ostream@@QAEAAV0@PBD@Z
??_7exception@@6B@
?sunk_with_stdio@ios@@0HA
??_Estreambuf@@UAEPAXI@Z
?gbump@streambuf@@IAEXH@Z
?tie@ios@@QAEPAVostream@@PAV2@@Z
??1ios@@UAE@XZ
?binary@filebuf@@2HB
??0strstreambuf@@QAE@PAEH0@Z
?x_maxbit@ios@@0JA
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
??_Gostream_withassign@@UAEPAXI@Z
??_Gistrstream@@UAEPAXI@Z
?gcount@istream@@QBEHXZ
?setb@streambuf@@IAEXPAD0H@Z
??0ostrstream@@QAE@ABV0@@Z
??4ifstream@@QAEAAV0@ABV0@@Z
?precision@ios@@QAEHH@Z
??1strstream@@UAE@XZ

kernel32

FindFirstFileW
EnumSystemGeoID
GlobalAlloc
GetConsoleAliasExesA
GetVolumeNameForVolumeMountPointW
WriteConsoleInputA
CreateMutexA
TransmitCommChar
GetModuleHandleW
ContinueDebugEvent
SetDefaultCommConfigW
WriteProfileStringW
GetUserDefaultLCID
GetVersionExW
GetConsoleDisplayMode
Process32Next
FindFirstVolumeMountPointA
ReadFileEx
VirtualUnlock
CreateHardLinkA
BaseFlushAppcompatCache
SetConsoleOutputCP
SetCommTimeouts
GetSystemDirectoryW
WaitForSingleObjectEx
ClearCommError
FileTimeToSystemTime
GetProcAddress
GetCurrentThread
EnumResourceTypesA
GetConsoleKeyboardLayoutNameA
GlobalAddAtomA
GetLargestConsoleWindowSize
MapViewOfFileEx
GetThreadContext
LoadLibraryW
EnumerateLocalComputerNamesA
GetLocaleInfoW
EnumUILanguagesW
InvalidateConsoleDIBits
WaitForMultipleObjectsEx
QueryPerformanceCounter
GetConsoleCommandHistoryA

dhcpcsvc

DhcpRegisterParamChange
DhcpAcquireParametersByBroadcast
DhcpCApiInitialize
DhcpFallbackRefreshParams
DhcpRenewIpAddressLease
DhcpReleaseIpAddressLeaseEx
DhcpUndoRequestParams
DhcpRemoveDNSRegistrations
DhcpRegisterOptions
DhcpReleaseIpAddressLease
DhcpRequestOptions
DhcpEnumClasses
DhcpOpenGlobalEvent
DhcpLeaseIpAddress
DhcpDeRegisterOptions
DhcpAcquireParameters
McastEnumerateScopes
DhcpPersistentRequestParams
McastRenewAddress
McastGenUID
DhcpRequestParams
McastApiCleanup
DhcpNotifyConfigChange
DhcpHandlePnPEvent
DhcpRenewIpAddressLeaseEx
DhcpCApiCleanup
DhcpDelPersistentRequestParams
DhcpDeRegisterParamChange
DhcpStaticRefreshParams

olecli32

LeQueryOutOfDate
DocWndProc
LeActivate
OleRenameClientDoc
OleRevertClientDoc
LeQueryOpen
ErrExecute
SrvrWndProc
LeSetHostNames
PbCreateFromTemplate

odbcconf

AppRegEnum
RunDLL32_RegisterApplication
SetActionLogMode

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

353845c2e9197d82c038085cf0d8dcef

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcirt

kernel32

dhcpcsvc

olecli32

odbcconf

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 11KB - Virtual size: 11KB