999210bd5e45a3a55c732ef5160a497a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

999210bd5e45a3a55c732ef5160a497a_JaffaCakes118
Size

462KB
MD5

999210bd5e45a3a55c732ef5160a497a
SHA1

c755c6ca05e20dd1dd58724ff11fca575c5dabec
SHA256

2aeba0332738848c1ba224c4ab14c1b45d91e850f9aa3820892b8873fca1b613
SHA512

4c0733fd0f179995ce8311122f9c1f659d458556fc2035bc26dc4a462937806d0931092110e57abf5d8d62087182ca6a9fcd7b1fa4ab9b2edd1c5ccbd2540252
SSDEEP

6144:3ycVK89wr1B/LdksgYtOOAy6iq6nk0iUNSDYWNrrkzgFyyyyyyyyyyyyyyyyyyyP:3FVwr1BjdksgYUOAy6wPQRw8DVB2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
999210bd5e45a3a55c732ef5160a497a_JaffaCakes118

Files

999210bd5e45a3a55c732ef5160a497a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53d9e895a72a757803b60f5bcf166a9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\HPA\realize\Release\P5.pdb

Imports

kernel32

lstrcpyA
GetCurrentProcessId
DeleteFileW
CloseHandle
GetCurrentDirectoryA
LockResource
GetFileType
LoadLibraryA
CreateNamedPipeA
VirtualAlloc
GetLastError
SetCurrentDirectoryA
SetEnvironmentVariableA
CompareStringW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
RtlUnwind
MultiByteToWideChar
LCMapStringW
HeapSize
GlobalUnlock
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
RaiseException
IsValidCodePage
GetOEMCP
GetACP
CreateFileW
CreateSemaphoreA
CreateEventA
SizeofResource
GlobalAlloc
FindResourceExA
GetPriorityClass
EnumResourceTypesA
WaitForSingleObject
GlobalLock
GetLogicalDriveStringsW
UpdateResourceA
LoadResource
MapUserPhysicalPages
FreeResource
CreateFileA
ExitThread
GetCPInfo
HeapCreate
IsProcessorFeaturePresent
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
Sleep
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleMode
GetTickCount
GetCurrentProcess
TerminateProcess
EncodePointer
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
HeapFree
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress
CreateThread
ResumeThread
GetModuleHandleA
GetTimeZoneInformation

user32

DispatchMessageA
OpenClipboard
DefMDIChildProcA
GetTabbedTextExtentA
GetWindow
GetCursorPos
DefWindowProcA
SetClipboardData
LoadCursorA
LoadImageA
DialogBoxParamA
TranslateMessage
EndPaint
GetMessageA
CloseClipboard
RegisterClassExA
PostQuitMessage
SendDlgItemMessageA
DrawTextA
LoadStringA
LoadBitmapA
GetParent
LoadIconA
DrawIcon
GetClientRect
SendMessageA
BeginPaint
PtInRect
SetScrollRange
GetDC
EndDialog
GetWindowTextA
SetPropA
MessageBoxA
GetWindowLongA
CreateWindowExA
ReleaseDC
EmptyClipboard
TranslateAcceleratorA
PostMessageA
GetClassInfoA
SetWindowTextA
DestroyWindow
GetSystemMetrics
RegisterClassA
ShowWindow
SetWindowPos
AdjustWindowRect
ClientToScreen
MsgWaitForMultipleObjects
GetDesktopWindow
SetCursorPos
PeekMessageA
ChangeDisplaySettingsA
EnumDisplaySettingsA
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetSubMenu
MapVirtualKeyA
GetKeyState
ChildWindowFromPoint
ScreenToClient
TrackPopupMenu
CreatePopupMenu
DestroyMenu
RemoveMenu
AppendMenuA
ModifyMenuA
SetCursor
WindowFromPoint
GetDlgItem
ActivateKeyboardLayout

gdi32

GetStockObject
GetTextExtentPoint32A
DeleteDC
StretchBlt
CreateFontIndirectA
GetTextCharsetInfo
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
StartDocA
SetTextJustification
RoundRect
SetTextAlign
GetObjectA
GdiFlush
TextOutA
GetDeviceCaps
SetPixelFormat
ChoosePixelFormat
SwapBuffers
DescribePixelFormat
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
GetPixelFormat
UnrealizeObject
SetPaletteEntries

shell32

SHParseDisplayName
SHCreateShellItem
SHBindToParent
Shell_NotifyIconA
SHGetDesktopFolder
ord195
DragQueryFileA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

opengl32

glViewport
glBegin
glVertex3f
glLineWidth
glTranslatef
glEnable
glFlush
glColor3f
glLoadIdentity
glMatrixMode
wglMakeCurrent
wglGetCurrentDC
wglGetCurrentContext
glReadBuffer
glVertex2f
glClear
glEnd
glLineStipple
glGetString
glGetError
glFinish
wglGetProcAddress
wglDeleteContext
wglCreateContext
glDrawBuffer
glDisable

glu32

gluOrtho2D
gluErrorString

gdiplus

GdipImageGetFrameCount
GdipCloneImage
GdipFree
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromFile
GdipImageGetFrameDimensionsList
GdipLoadImageFromFileICM
GdipAlloc
GdipDisposeImage
GdipGetPropertyItemSize
GdipCreateFromHDC

ws2_32

WSAEventSelect

shlwapi

ord14
SHCreateStreamOnFileW
StrToIntExA

dbghelp

SymGetModuleBase
SymGetModuleInfo

setupapi

CM_Get_DevNode_Registry_PropertyA

uxtheme

SetWindowTheme

winmm

joySetCapture
joyReleaseCapture
joyGetPosEx
joySetThreshold

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53d9e895a72a757803b60f5bcf166a9f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

opengl32

glu32

gdiplus

ws2_32

shlwapi

dbghelp

setupapi

uxtheme

winmm

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 14KB - Virtual size: 23KB

.rsrc Size: 189KB - Virtual size: 188KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 14KB - Virtual size: 23KB

.rsrc
Size: 189KB - Virtual size: 188KB