9ff7da6844b5c7c10da42b3b7bce15fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9ff7da6844b5c7c10da42b3b7bce15fe_JaffaCakes118
Size

167KB
MD5

9ff7da6844b5c7c10da42b3b7bce15fe
SHA1

5ca210e905ece9caf259962f24cce1d21c4880c9
SHA256

22e12928c6bc4a0b7644b340366724b5caa319e056f2aa9585c79b374f1923a3
SHA512

b0bebd3fb6c2f62a156a0b73eb65fbcf8e949b940f49e54b3fe0cb13533444a533fce83a883e2de0d0552f25a9d33d36c3de93fb35f8efb1edd206f202cc8871
SSDEEP

3072:TaV1fL3CH5ja04RprIAx2Jc6R9VuiIoQVzOo5ZLIdZ1:TaV1fLu+0ewJv9Vu3e8LEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ff7da6844b5c7c10da42b3b7bce15fe_JaffaCakes118

Files

9ff7da6844b5c7c10da42b3b7bce15fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

534468c62792d3f037d34733d39ab6e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\internet\cybernetics\aimed\gost.pdb

Imports

kernel32

GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
WriteConsoleW
GetModuleFileNameA
GetStdHandle
WriteFile
Sleep
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileA
FlushFileBuffers
CreateThread
GetSystemTime
CloseHandle
GetCurrentThreadId
LockResource
LocalAlloc
LoadLibraryA
GetPrivateProfileStringA
ExitProcess
GlobalFree
CreateNamedPipeA
GetProcAddress
GetLastError
GlobalUnlock
lstrcatA
CreateEventA
SizeofResource
LoadLibraryW
GlobalAlloc
FindResourceExA
EnumResourceTypesA
FormatMessageA
LocalFlags
ConnectNamedPipe
GetTimeFormatA
WaitForSingleObject
GlobalLock
UpdateResourceA
HeapAlloc
LoadResource
lstrlenA
FreeResource
LCMapStringA
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime

user32

SetDlgItemTextA
FindWindowA
GetDialogBaseUnits
IsRectEmpty
GetWindow
GetWindowThreadProcessId
CopyRect
EndPaint
ClientToScreen
DestroyWindow
CloseClipboard
SetWindowRgn
SetTimer
ScreenToClient
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
GetWindowDC
IsIconic
FillRect
NotifyWinEvent
KillTimer
DrawIconEx
SetForegroundWindow
GetFocus
LoadBitmapA
GetParent
AttachThreadInput
LoadMenuA
IsWindowEnabled
FindWindowExA
WindowFromPoint
GetClientRect
SetFocus
SendMessageA
BeginPaint
GetDC
DrawFocusRect
InflateRect
OffsetRect
GetCursorInfo
SetPropA
SetRect
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
EmptyClipboard
GetDlgItem
DefWindowProcA
GetSysColor
SetWindowPos
GetCursorPos
GetMenuItemInfoA
ShowWindow
IsDlgButtonChecked
IsWindow
CreateWindowExW
GetCursor
OpenClipboard
GetSystemMetrics
IsWindowVisible
SetWindowTextA
UpdateWindow
EnableWindow
SetClipboardData

gdi32

BitBlt
SetViewportOrgEx
SetWindowExtEx
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
CreateFontIndirectA
GetCurrentObject
SetBkColor
ExcludeClipRect
CreateBitmap
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CombineRgn
SetMapMode
CreateCompatibleBitmap
GetBkColor
CreateRectRgn
SetViewportExtEx
GetTextMetricsA
GetObjectA
TextOutW
GetStockObject
ExtTextOutA
CreateSolidBrush
TextOutA
SetBkMode

comdlg32

PrintDlgA
ChooseFontA
PageSetupDlgA
ReplaceTextA

advapi32

RegCloseKey
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA

shell32

ord645
DragAcceptFiles
ord644

ole32

RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop

oleaut32

OleCreatePropertyFrameIndirect

shlwapi

PathRemoveFileSpecA
AssocCreate

uxtheme

DrawThemeBackground
CloseThemeData
GetThemeBackgroundRegion

rasapi32

RasGetConnectionStatistics

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

534468c62792d3f037d34733d39ab6e8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

uxtheme

rasapi32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 6KB - Virtual size: 12KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 6KB - Virtual size: 12KB

.rsrc
Size: 16KB - Virtual size: 16KB