39c2a6dda90d3a1b0013f033dccdfc14_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39c2a6dda90d3a1b0013f033dccdfc14_JaffaCakes118
Size

211KB
MD5

39c2a6dda90d3a1b0013f033dccdfc14
SHA1

b0e4e77a6cb9129b0cc1f0160c48e8013d6653bb
SHA256

d0aed2effebd7766f8dbc98e447edd24cabb63ff7441e0d3992ab112e8ad31be
SHA512

14679c15f2531f4f88f57f659556c9ce6655faca5a8f3c06ead2cb434f64405b8b847827ac1266a53b26fd2bbe3eae418caaf638728311b2a0e11fb287e2f4f7
SSDEEP

3072:kmWcnuTXqF8gNF7B1Wzfm40jpTfna+ZBQ4ANA9V1FWtPnMo/S8pQ80RT010Z5YJt:kmH5WgrT94oyjjAD1wt/Mcd0iiZIxDn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39c2a6dda90d3a1b0013f033dccdfc14_JaffaCakes118

Files

39c2a6dda90d3a1b0013f033dccdfc14_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b707a6e67db2d697c5e9f09ff44fa4d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

ChooseColorA
GetOpenFileNameA
FindTextA
GetFileTitleA

user32

RegisterClassA
BeginPaint
DefMDIChildProcA
ShowScrollBar
BeginDeferWindowPos
EnumChildWindows
FindWindowA
EndDeferWindowPos
GetMenuItemInfoA
SetWindowLongA
MessageBoxA
GetDCEx
CreateWindowExA
GetCursor
GetSysColorBrush
GetKeyNameTextA
FrameRect
SetWindowTextA
CallWindowProcA
DrawMenuBar
GetMenuItemCount
CharNextA
GetFocus

kernel32

DeleteFileA
LoadLibraryA
lstrcpynA
CreateEventA
GetCPInfo
WideCharToMultiByte
Sleep
EnterCriticalSection
FreeResource
WaitForSingleObject
GetEnvironmentStrings
SetLastError
GetLocalTime
GlobalDeleteAtom
GetTickCount
VirtualAlloc
MoveFileExA
lstrcmpiA
GetModuleHandleA
CreateFileA
GetCurrentThreadId
GetDateFormatA
GetLocaleInfoA
ExitProcess
ExitThread
GetLastError
GetOEMCP

advapi32

RegDeleteValueA

msvcrt

memcmp
log10
memmove
_acmdln
malloc
srand
strncmp
abs
ceil
sqrt

version

GetFileVersionInfoA

ole32

CoUnmarshalInterface
GetHGlobalFromStream
OleRegGetUserType

gdi32

CreateCompatibleBitmap
SelectObject
CreateDIBSection
CreateFontIndirectA
CreateCompatibleDC
SetPixel
BitBlt

shlwapi

SHQueryValueExA
PathIsContentTypeA
PathGetCharTypeA
SHDeleteKeyA
SHGetValueA
SHDeleteValueA

Sections

CODE
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 160KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 713B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b707a6e67db2d697c5e9f09ff44fa4d6

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

advapi32

msvcrt

version

ole32

gdi32

shlwapi

Sections

CODE Size: 46KB - Virtual size: 46KB

.idata Size: 160KB - Virtual size: 260KB

.edata Size: 1024B - Virtual size: 713B

.reloc Size: 2KB - Virtual size: 1KB

CODE
Size: 46KB - Virtual size: 46KB

.idata
Size: 160KB - Virtual size: 260KB

.edata
Size: 1024B - Virtual size: 713B

.reloc
Size: 2KB - Virtual size: 1KB