97cf222f4f918fa2cc3739b67fd0813b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

97cf222f4f918fa2cc3739b67fd0813b_JaffaCakes118
Size

829KB
MD5

97cf222f4f918fa2cc3739b67fd0813b
SHA1

3f8692768d8c23aadd14095c490a41a0597c69d7
SHA256

1a8559cfa63621a2739ec413b59fb4677e6cf34f89cd2cff075d83fb0114b2f0
SHA512

9334f85d5a38b0a568134108abe91c420ed1257a9753136f9a8a6b9124c7a46cd8050b8102068eec8cbc2c8c9585a6201cd7c861d7002a16c3972758b2691cd3
SSDEEP

24576:kiE3voTCSzkRI1XVnHi5GNlR4Ffz20sdIWF6:kiE3v09zrpMS2z2tq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97cf222f4f918fa2cc3739b67fd0813b_JaffaCakes118

Files

97cf222f4f918fa2cc3739b67fd0813b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2c0c20ff4a2751760bae45931b3195e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
CheckRadioButton
PostThreadMessageW
ScrollWindowEx
GetScrollInfo
FindWindowExW
FillRect
GetClientRect
GetWindowTextW
DispatchMessageW
BeginPaint
ReleaseDC
GetWindowDC
GetDC
SetMenuDefaultItem
DestroyMenu
SetMenu

crypt32

CertGetNameStringW
CryptHashPublicKeyInfo
CryptExportPKCS8
CryptDecodeObjectEx
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertFreeCTLContext
CertAddStoreToCollection
CertGetPublicKeyLength
CertVerifyTimeValidity
CryptAcquireCertificatePrivateKey

psapi

GetProcessImageFileNameW

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_GetScrollPos
ImageList_Write
ImageList_GetDragImage
ImageList_DragMove
ImageList_GetIcon
ImageList_DrawEx
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ord17
DestroyPropertySheetPage

kernel32

HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
GetProcAddress
GetVersion
GlobalAlloc
GlobalLock
GlobalUnlock
LocalAlloc
VirtualAlloc
HeapSize
GetEnvironmentStringsW
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FileTimeToLocalFileTime
lstrlenW
LoadLibraryExW
CreateDirectoryW
GetFullPathNameW
DeleteFileW
MultiByteToWideChar
GetUserDefaultLCID
CreateFileW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo

userenv

LeaveCriticalPolicySection
UnregisterGPNotification
GetUserProfileDirectoryW

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 751KB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c0c20ff4a2751760bae45931b3195e6

Headers

File Characteristics

Imports

user32

crypt32

psapi

comctl32

kernel32

userenv

Sections

.text Size: 66KB - Virtual size: 66KB

.data Size: 751KB - Virtual size: 7.9MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 7KB - Virtual size: 8KB

.text
Size: 66KB - Virtual size: 66KB

.data
Size: 751KB - Virtual size: 7.9MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 7KB - Virtual size: 8KB