71d83ce7f230ead2e522a015c1967092_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71d83ce7f230ead2e522a015c1967092_JaffaCakes118
Size

292KB
MD5

71d83ce7f230ead2e522a015c1967092
SHA1

5a1d3646a6e899bed9317c2181eb5ff0e7188d46
SHA256

e6c885a68ba02b58691d0f736826f1e54966d50cc9ca4d8b6e6f917a9c9cc199
SHA512

021a739b998e0331ffe37dfbaf955f9d971321ffd48e93a393cb36e9cb03aa42ce8ab8dc3eda00e0adae3a903e63bd989c82beb749be8b45bf35b81e6ebc1a3c
SSDEEP

3072:xsZXLJS9+TjTgvCod5Dh+bvZ8Ts05gyRMpvl2xZ5xmw3zBbC/ZV3E:2XLJpTjTUpRYvZ8TRShdl8L3tuZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d83ce7f230ead2e522a015c1967092_JaffaCakes118

Files

71d83ce7f230ead2e522a015c1967092_JaffaCakes118
.exe windows:5 windows x86 arch:x86

061f4c87baf96d8684b51761bcaca1fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
HeapSize
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetConsoleMode
SetStdHandle
CreateFileA
LocalFree
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
GetModuleFileNameA
LocalAlloc
LoadLibraryA
GetProcAddress
TlsSetValue
TlsAlloc
TlsGetValue
FlushFileBuffers
HeapAlloc
GetStringTypeA
SetFilePointer
GetFileType
SetHandleCount
GetLastError
MulDiv
GetConsoleWindow
CreateDirectoryW
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc

user32

SetDlgItemTextA
DestroyIcon
LoadCursorA
CheckMenuItem
SendMessageA
DefWindowProcW
EndPaint
DestroyWindow
SetCursor
SetWindowRgn
GetWindowRect
PostQuitMessage
LoadIconA
CallNextHookEx
wsprintfA
GetClientRect
MapWindowPoints
DrawTextExW
BeginPaint
EnumWindows
LoadIconW
OffsetRect
OemToCharA
MessageBoxA
InvalidateRect
GetWindowLongW
CreateWindowExA
GetDlgItem
SetWindowLongW
EndDialog
DefWindowProcA
RedrawWindow
SetWindowPos
GetSystemMetrics
LoadImageA
SendMessageW

gdi32

EndPage
StartPage
SetTextColor
DeleteDC
GetDeviceCaps
CreateFontIndirectA
GetCurrentObject
SetBkMode
DeleteObject
SelectObject
CreateRectRgnIndirect
Rectangle
StartDocA
GetObjectA
EndDoc
GetStockObject

advapi32

CreateWellKnownSid
ConvertSidToStringSidA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

ord596
ord597
SHCreateStreamOnFileEx
ord12

comctl32

ord17
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetIconSize

gdiplus

GdiplusShutdown
GdiplusStartup

imm32

ImmReleaseContext
ImmGetCompositionStringA
ImmGetContext

rasapi32

RasValidateEntryNameA

authz

AuthzInitializeResourceManager
AuthzFreeResourceManager
AuthzFreeContext
AuthzInitializeContextFromSid

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

061f4c87baf96d8684b51761bcaca1fa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

shlwapi

comctl32

gdiplus

imm32

rasapi32

authz

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 93KB - Virtual size: 93KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 93KB - Virtual size: 93KB