9c97096fa04aa0ce20ce59ba894e3b11_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9c97096fa04aa0ce20ce59ba894e3b11_JaffaCakes118
Size

1.0MB
MD5

9c97096fa04aa0ce20ce59ba894e3b11
SHA1

4fb9f608da2a48d5e067fc065985a16310b72d16
SHA256

706084a136119e904772be4ffded6c06f33fe7983327fc4100c8133a500698ea
SHA512

5310c8e9ca0821b84aff22628b62475a6ba18e0d87af44b2424dc3eb9670535d02311a25ea5fcc7cbb02adcb6258b4fff6c34fd79f9bb2134ecd79a142411263
SSDEEP

24576:jhOWDcROIKdH0YBGN1NkK3J7srh937PSQ5XtmmiAPwGP:jhOmcsIK6X+K3Jorh937l5XetO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c97096fa04aa0ce20ce59ba894e3b11_JaffaCakes118

Files

9c97096fa04aa0ce20ce59ba894e3b11_JaffaCakes118
.exe windows:5 windows x86 arch:x86

34d45fd61c73bca49323aa6f8dd06d43

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetLocaleInfoA
HeapSize
GetVolumeInformationW
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
EnumResourceTypesA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
LocalFree
FindFirstVolumeW
CloseHandle
GetCurrentThreadId
LoadLibraryExA
DeviceIoControl
QueryDosDeviceW
LockResource
LoadLibraryA
GetProcAddress
lstrcmpiA
GetLastError
lstrlenW
MultiByteToWideChar
HeapCreate
CreateEventA
SizeofResource
Sleep
GetConsoleMode
FindResourceExA
LoadResource
SetErrorMode
GetDriveTypeW
SetLastError
InterlockedIncrement
RaiseException
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
HeapReAlloc
UpdateResourceA
WaitForSingleObject
VirtualAlloc
VirtualFree
HeapFree
EnterCriticalSection
FreeResource
GetSystemTimeAsFileTime
CreateFileA
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleW
HeapAlloc

user32

SetWindowTextA
DrawFrameControl
SystemParametersInfoA
DispatchMessageA
GetDialogBaseUnits
MoveWindow
UnregisterHotKey
CopyRect
GetWindowLongA
GetSystemMetrics
FillRect
DrawMenuBar
GetSysColorBrush
GetCursorPos
GetSysColor
DefWindowProcA
GetDlgItem
EnableMenuItem
GetMessageA
GetNextDlgGroupItem
ScreenToClient
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
MessageBoxA
DrawTextA
DrawIconEx
LoadStringA
CopyImage
wsprintfA
GetClientRect
SendMessageA
DrawEdge
GetDC
TranslateMessage
GetForegroundWindow
CreateDialogIndirectParamA
SetRect
ReleaseDC

gdi32

GetTextExtentPoint32W
SetTextColor
DeleteDC
CreateFontIndirectW
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutW
RealizePalette
SelectPalette
SetStretchBltMode
Polyline
CreatePen
GetObjectA
GetStockObject
UpdateColors
CreateSolidBrush
BitBlt

advapi32

GetUserNameA
LookupAccountNameA

ole32

PropVariantCopy
CoInitializeEx
StgCreateStorageEx
PropVariantClear
CoCreateInstance
StgOpenStorageEx
StringFromGUID2

oleaut32

SafeArrayAllocDescriptor

crypt32

CryptFindOIDInfo

shlwapi

StrDupA
PathRemoveBackslashW
StrToIntExA

comctl32

ImageList_Draw
ord17

gdiplus

GdipLoadImageFromFile
GdiplusStartup
GdipGetImageRawFormat
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdiplusShutdown
GdipFree

uxtheme

GetThemeSysFont
SetWindowTheme

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 900KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34d45fd61c73bca49323aa6f8dd06d43

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

crypt32

shlwapi

comctl32

gdiplus

uxtheme

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 900KB - Virtual size: 899KB

.data Size: 11KB - Virtual size: 17KB

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 9KB - Virtual size: 801KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 900KB - Virtual size: 899KB

.data
Size: 11KB - Virtual size: 17KB

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 9KB - Virtual size: 801KB