Static task: static1
Behavioral task: behavioral1
Sample: 98244a860678c428503cf9372caaa605_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 98244a860678c428503cf9372caaa605_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 98244a860678c428503cf9372caaa605_JaffaCakes118
Size: 163KB
MD5: 98244a860678c428503cf9372caaa605
SHA1: ab837385374a11eba1c9e17332bc22cf7155c448
SHA256: 58ea304eeb3fd49e6b45e7d906a0ad7e45dfacd991f77fc30de8629b5cc71278
SHA512: 1e756647be604bde00a0d42cb864c382b378605ee8f4ce426274651b496efd6aff19fc00c35f09cad2b0601d799aaec72497e9c6b4198224afa3246cc7c32990
SSDEEP: 1536:k4sXQfDaVDLyMG2SdaG2sUUO/EaqLl1PBQwyxND7T5jU32r8495SGgvPCYZ375Yi:egfEDWgAqJ7T5jU3Y8wSBHCYX+VVNS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 98244a860678c428503cf9372caaa605_JaffaCakes118
Files
98244a860678c428503cf9372caaa605_JaffaCakes118.exe windows:5 windows x86 arch:x86
f6eea37927c830b18035ec288e9f434c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
SetHandleCount
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStrings
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCommandLineA
GetLastError
MultiByteToWideChar
GetProcAddress
HeapAlloc
LoadLibraryW
CreateEventA
WaitForSingleObject
FreeEnvironmentStringsA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetPrivateProfileStringA
GetCurrentDirectoryW
Sleep
GetModuleHandleW
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
GetStartupInfoA
GetModuleHandleA
CreateEventW
HeapFree
WideCharToMultiByte
LoadLibraryA
user32
PostQuitMessage
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
GetDlgItemTextA
GetFocus
DefWindowProcA
GetParent
EndDialog
SetWindowPos
GetWindow
SetDlgItemTextA
SendDlgItemMessageA
EnableWindow
GetDialogBaseUnits
GetCursorPos
LoadBitmapA
ClientToScreen
GetDlgItem
GetClientRect
GetSystemMetrics
PtInRect
SendMessageA
MessageBoxA
IsWindowVisible
ShowWindow
IsWindowEnabled
CreatePopupMenu
AppendMenuA
SetForegroundWindow
GetDC
InvalidateRect
ScrollWindow
ReleaseDC
SetScrollInfo
GetScrollInfo
BeginPaint
EndPaint
OffsetRect
GetWindowDC
GetWindowRect
gdi32
CreateSolidBrush
PatBlt
GetTextMetricsA
TextOutA
SelectObject
CreateCompatibleDC
DeleteDC
GetObjectA
SetTextColor
CreatePen
CreateFontA
Rectangle
SetBkColor
BitBlt
DeleteObject
CreateRectRgn
CombineRgn
ExcludeClipRect
SetBkMode
GetStockObject
TextOutW
CreatePatternBrush
winspool.drv
ClosePrinter
GetPrinterDriverA
EndDocPrinter
EndPagePrinter
WritePrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA
SetPrinterDataExA
DeviceCapabilitiesA
comdlg32
GetOpenFileNameA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ole32
CoCreateInstance
CoUninitialize
CoInitialize
CreateBindCtx
ws2_32
WSAStartup
shlwapi
PathUnquoteSpacesA
imm32
ImmAssociateContext
uxtheme
DrawThemeBackground
authz
AuthzInitializeResourceManager
sensapi
IsNetworkAlive
Sections
.text Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ