39f8f8e9a6f57d7e86c47386acd7d3b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

39f8f8e9a6f57d7e86c47386acd7d3b9_JaffaCakes118
Size

2.2MB
MD5

39f8f8e9a6f57d7e86c47386acd7d3b9
SHA1

156ab8ffe86e1c7785ed94071dce793a1de99bbb
SHA256

40ce5595b9b586410b144129623c35c1e81b7decebbeac0cc48257f43edd5f4b
SHA512

5554f6138aba64d290a6d42a563e6a17b4b133ea00c26c0b355dbb98274dd47207e8084730ed865f97f3e0782111fb433cb3320ade87ef926d129230209ee51e
SSDEEP

49152:b3s5SKv2zLuN4ipMIyYgMzexDIXbfZVRRjc1dT3l:b85SOKiUYgMaxDILZVojT3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f8f8e9a6f57d7e86c47386acd7d3b9_JaffaCakes118

Files

39f8f8e9a6f57d7e86c47386acd7d3b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a2660129b0ca144bc35b805e23bb0712

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleHandleA
ExitProcess
Sleep
HeapSize
HeapReAlloc
LCMapStringA
HeapCreate
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LCMapStringW
SetStdHandle
VirtualFree
VirtualAlloc
CloseHandle
OpenMutexW
LockResource
GetCommandLineW
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetCurrentProcessId
CompareStringW
lstrlenA
lstrcpynA
lstrcmpW
SetLastError
WriteConsoleA
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcatW
lstrcpynW
lstrcpyW
GetVersionExW
lstrcmpiW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LoadLibraryW
FreeLibrary
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException

user32

GetWindowThreadProcessId
GetActiveWindow
WindowFromPoint
GetMessagePos
GetWindowDC
ModifyMenuW
DrawFrameControl
GetClassNameW
GetCapture
GetCursorPos
DrawFocusRect
UnhookWindowsHookEx
RegisterWindowMessageW
CallNextHookEx
SystemParametersInfoW
SetWindowsHookExW
GetSubMenu
FrameRect
IsWindowEnabled
ScreenToClient
GetWindowTextLengthW
GetWindowTextW
IsMenu
SetRectEmpty
PeekMessageW
PtInRect
MessageBeep
IsWindowVisible
TrackPopupMenuEx
MonitorFromPoint
GetMonitorInfoW
LoadStringA
PostQuitMessage
SetMenuItemInfoW
MapWindowPoints
PostMessageW
RemoveMenu
CreatePopupMenu
GetWindowRect
TranslateAcceleratorW
LoadStringW
LoadMenuW
LoadAcceleratorsW
GetSysColorBrush
ReleaseCapture
GetFocus
OffsetRect
EndPaint
BeginPaint
SetRect
DrawEdge
DrawTextW
FillRect
CreateWindowExW
GetSystemMetrics
GetDesktopWindow
InflateRect
GetSysColor
SetFocus
ReleaseDC
GetDC
AdjustWindowRectEx
GetKeyState
SetMenuDefaultItem
CheckMenuRadioItem
EnableMenuItem
AppendMenuW
DeleteMenu
SetCursor
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
CallWindowProcW
IsWindow
GetDlgCtrlID
GetParent
SetCapture
RedrawWindow
InvalidateRect
UpdateWindow
ClientToScreen
GetClientRect
SetWindowPos
SetWindowTextW
SendMessageW
GetWindowLongW
GetClassInfoExW
LoadCursorW
LoadImageW
RegisterClassExW
DestroyWindow
CharNextW
DefWindowProcW
DestroyMenu
ShowWindow
SetWindowLongW
wvsprintfW
CharLowerW
UnregisterClassA

gdi32

CreateDIBSection
DeleteObject
GetStockObject
CreateCompatibleDC
SelectObject
SetViewportOrgEx
CreateCompatibleBitmap
Polygon
CreatePen
CreateSolidBrush
DeleteDC
GetObjectW
SetBkMode
SetTextColor
MoveToEx
LineTo
CreateFontIndirectW
BitBlt
SetBrushOrgEx
SetBkColor
PatBlt
CreatePatternBrush
CreateBitmap

advapi32

RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW

shell32

ShellExecuteW

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize

oleaut32

VarDecCmp
VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
VarUI4FromStr

comctl32

ImageList_BeginDrag
ImageList_AddMasked
ImageList_EndDrag
ImageList_Create
InitCommonControlsEx
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragLeave
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Draw
ImageList_DrawIndirect
ImageList_Destroy

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2660129b0ca144bc35b805e23bb0712

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 360KB - Virtual size: 360KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 360KB - Virtual size: 360KB