39cc0c22393f573dc0d43d79b44aa825_JaffaCakes118

General

Target

39cc0c22393f573dc0d43d79b44aa825_JaffaCakes118
Size

56KB
MD5

39cc0c22393f573dc0d43d79b44aa825
SHA1

2cc57efb9b6992c0c20a7d91a417c8ba44a01a18
SHA256

155fe3ab8df1ea09bd37846afc4cb6418539aae5889d1614220b71000a0842a3
SHA512

80f206c37ac0513151d425866e1e908ec967429f50c2c98853336c9bdbe6e235f50783c9be416ec41c190bcfa4d213f9211a8e41284d9e13eb773dd0f41b55a1
SSDEEP

1536:Q/bgpaaDUsYEVFLErH7aWLEtFoikyU+o/:6bgpxrtrxWLCFoiXUx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39cc0c22393f573dc0d43d79b44aa825_JaffaCakes118

Files

39cc0c22393f573dc0d43d79b44aa825_JaffaCakes118
.exe windows:4 windows x86 arch:x86

118da7909ccb7181b766589274565a00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CreateConsoleScreenBuffer
DeleteFileW
DuplicateHandle
EnumResourceNamesW
ExitProcess
GetNumberOfConsoleInputEvents
GetProcessHeaps
GetTickCount
LeaveCriticalSection
LocalFlags
Module32First
ResumeThread
SetThreadAffinityMask
UnhandledExceptionFilter

advapi32

AbortSystemShutdownA
AbortSystemShutdownW
BuildImpersonateTrusteeA
BuildImpersonateTrusteeW
CloseServiceHandle
CryptGetDefaultProviderW
CryptSetHashParam
GetTrusteeNameW
GetUserNameW
IsValidSecurityDescriptor
OpenServiceW
RegFlushKey
RegReplaceKeyW
StartServiceCtrlDispatcherA
StartServiceCtrlDispatcherW

user32

AdjustWindowRectEx
CharPrevW
ClientToScreen
DdeSetUserHandle
DrawCaptionTempW
EndDialog
EnumPropsA
GetClassLongW
GetDlgItemTextW
GetProcessDefaultLayout
GetWindowThreadProcessId
LoadAcceleratorsA
RemoveMenu
SetSysColors

shell32

ExtractIconExA
ExtractVersionResource16W
RealShellExecuteA
SHBrowseForFolderA
SHBrowseForFolderW
SHUpdateRecycleBinIcon
SheChangeDirA
SheGetPathOffsetW
Shell_NotifyIcon

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

118da7909ccb7181b766589274565a00

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 53KB - Virtual size: 56KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 53KB - Virtual size: 56KB