97ee2f37100f69ea1479522b143d1702_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

97ee2f37100f69ea1479522b143d1702_JaffaCakes118
Size

2.4MB
MD5

97ee2f37100f69ea1479522b143d1702
SHA1

39fed068e52080ca961b74a1fe58c82e0d2e26f8
SHA256

75bf76c6e68e3007625f52bd82f0d238a3866ec8bf6f9d1e069184b573a80a72
SHA512

e742953c9b25e84ad93cd7a24d5e5a5175d859850a8fb1b3db9071bf41a598399932599a08ebca2b836ad3c159426e602037fe91e0c7502f25dd794f699e5466
SSDEEP

24576:l31UJShPth3Deg2lnMYsThIDi5wvjGxnRaIkocLq:l31UQhlhiNnSNIDmwenEnoCq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97ee2f37100f69ea1479522b143d1702_JaffaCakes118

Files

97ee2f37100f69ea1479522b143d1702_JaffaCakes118
.exe windows:5 windows x86 arch:x86

83daf2121edd07f77b53981449c6760d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpOpenRequestW
InternetSetOptionW

winspool.drv

SetPortW

advapi32

RegSetValueExW
RegEnumKeyExW

user32

EnumDisplayMonitors
GetMonitorInfoW
TranslateMDISysAccel
LoadBitmapW
UnionRect
CopyRect
MapWindowPoints
RemovePropW
ScrollWindow
ValidateRect
GetWindowRgnBox
GetWindowDC
EnableMenuItem
GetMenu
LoadMenuW
MsgWaitForMultipleObjects
MapVirtualKeyW
GetPriorityClipboardFormat
CheckRadioButton
GetDlgItemInt
EndDialog
CreateDialogParamW
EndDeferWindowPos
BeginDeferWindowPos
FlashWindow
RegisterClassW
DrawFrameControl
RegisterWindowMessageW

setupapi

CM_Locate_DevNodeW
CM_Get_Parent
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiGetClassDevsW
SetupDiGetDriverInfoDetailW
SetupDiEnumDriverInfoW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupOpenFileQueue
SetupGetStringFieldW
SetupGetFieldCount
SetupFindNextLine
SetupFindFirstLineW

kernel32

HeapFree
GetConsoleWindow
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
TlsSetValue
TlsGetValue
TlsAlloc
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapAlloc
GetStringTypeW
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
GlobalAlloc
GlobalUnlock
GlobalFree
VirtualAlloc
HeapSize
PulseEvent
WaitForSingleObject
GetSystemTime
FormatMessageW
lstrlenW
TlsFree
GetModuleHandleW
CreateProcessW
ExpandEnvironmentStringsW
OutputDebugStringW
FindResourceW
GetTempPathW
GetDiskFreeSpaceW
CreateDirectoryW
FindFirstFileExW
FindCloseChangeNotification
GetACP
GetCPInfo
LCMapStringW
GetLocaleInfoW
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
LoadLibraryExW

shlwapi

StrCmpNW
StrCmpNIW
StrPBrkW
StrStrW
StrToIntW
StrTrimW
StrRetToBufW
PathCanonicalizeW
PathFindFileNameW
PathIsRelativeW
PathIsURLW
UrlUnescapeW
UrlEscapeW
SHSetValueW
AssocCreate

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rre3
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.9ttih
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9rcde
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83daf2121edd07f77b53981449c6760d

Headers

File Characteristics

Imports

wininet

winspool.drv

advapi32

user32

setupapi

kernel32

shlwapi

Sections

.text Size: 110KB - Virtual size: 110KB

.data Size: 1.3MB - Virtual size: 8.4MB

.idata Size: 4KB - Virtual size: 4KB

.xdata Size: 1024B - Virtual size: 724B

.rre3 Size: 240KB - Virtual size: 239KB

.9ttih Size: 191KB - Virtual size: 190KB

.9rcde Size: 164KB - Virtual size: 164KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 110KB - Virtual size: 110KB

.data
Size: 1.3MB - Virtual size: 8.4MB

.idata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 1024B - Virtual size: 724B

.rre3
Size: 240KB - Virtual size: 239KB

.9ttih
Size: 191KB - Virtual size: 190KB

.9rcde
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 363KB - Virtual size: 362KB