97277a774071c521962ab5ad2108692f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

97277a774071c521962ab5ad2108692f_JaffaCakes118
Size

819KB
MD5

97277a774071c521962ab5ad2108692f
SHA1

cfdf7679c2bd31d2673040fcacb0e0dc18220f07
SHA256

11e33d18e78a07eb6edd54ece4ae5919de04195b63bd33df5a8b128222b4bcff
SHA512

f7db50dc586c12920130f17a0a8b5e6899655bbcddf86ec4e342b3b082e2466e4d9a7e4a07ace90b2f1d18afa0aed46a8393d7a4ba7b8ccfa34bd52388ca80ba
SSDEEP

12288:72x7xUWlBRFe8dqw1TnMtuwiI6J/rkLindz6bbs4imIN07gmv/0ie4Q58XM6vYwa:QtDlA8qfiI7sAbja5vvKXvvbmcrRQ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97277a774071c521962ab5ad2108692f_JaffaCakes118

Files

97277a774071c521962ab5ad2108692f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0d35e0b7c1c61643b8d3877db46dd772

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
CreateFileA
VirtualAlloc
GetCurrentProcessId
GetLocaleInfoA
GetTickCount
GlobalUnlock
LockResource
LeaveCriticalSection
GetTimeZoneInformation
GetUserDefaultLangID
InterlockedDecrement
TlsGetValue
DeleteCriticalSection
GetDateFormatA
HeapReAlloc
GetSystemInfo
CreateFileMappingW
CompareStringA
TlsAlloc
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetFileSize
EnumSystemLocalesA
IsDebuggerPresent
InterlockedExchange
GetEnvironmentVariableW
CloseHandle
GlobalLock
SetFilePointer
GetStringTypeW
MoveFileExW
GetTimeFormatA
GetConsoleOutputCP
GetModuleFileNameW
GetCurrentThread
UnhandledExceptionFilter
HeapDestroy
HeapAlloc
GetLastError
TlsFree
GetSystemDirectoryW
WriteConsoleW
FreeLibrary
SystemTimeToFileTime
GetModuleHandleW
GetStringTypeA
TerminateProcess
VirtualFree
GetConsoleCP
FindResourceW
MapViewOfFile
RtlUnwind
TlsSetValue
SetLastError
SetUnhandledExceptionFilter
SetStdHandle
FreeEnvironmentStringsA
SetHandleCount
InterlockedIncrement
FlushFileBuffers
LoadResource
GetFileType
GetConsoleMode
LoadLibraryA
GetSystemDirectoryA
WriteConsoleA
GetProcAddress
EnumResourceLanguagesW
GetACP
HeapFree
GetStdHandle
LCMapStringW
GetLocaleInfoW
UnmapViewOfFile
GetEnvironmentStringsW
RaiseException
GetCurrentThreadId
SetEnvironmentVariableA
GetModuleFileNameA
IsValidCodePage
CreateFileW
GetStartupInfoA
GetEnvironmentStrings
WriteFile
GetCurrentProcess
SetConsoleCtrlHandler
HeapCreate
FreeEnvironmentStringsW
EnterCriticalSection
CompareStringW
EnumResourceNamesW
GlobalAlloc
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCPInfo
GetOEMCP
GetCommandLineA
SizeofResource
lstrlenW
HeapSize
WideCharToMultiByte
LCMapStringA
FatalAppExitA
ExitProcess
ReadFile
Sleep
IsValidLocale
QueryPerformanceCounter
SetFileAttributesW

user32

LoadCursorW
GetWindowRect
DefWindowProcW
InvalidateRect
GetDlgItem
GetMessageW
UpdateWindow
SetCapture
MessageBoxW
GetScrollInfo
DialogBoxParamW
BeginPaint
FillRect
DestroyWindow
SetWindowPos
GetClientRect
PostQuitMessage
SetCursor
DrawTextW
TranslateMessage
SendMessageW
LoadBitmapW
GetClipboardData
CreateWindowExW
OpenClipboard
TrackMouseEvent
ReleaseCapture
ShowWindow
CloseClipboard
ExitWindowsEx
SetScrollInfo
EndDialog
LoadIconW
RegisterClassExW
DispatchMessageW
ShowScrollBar
SetWindowTextW
MoveWindow
EndPaint
RegisterClassW

gdi32

ChoosePixelFormat
LineTo
BitBlt
SetBkMode
SelectObject
CreateFontW
CreateCompatibleDC
CreatePen
DeleteObject
MoveToEx
SetTextColor
CreateSolidBrush

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
AdjustTokenPrivileges
CreateServiceW
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetEntriesInAclW
OpenSCManagerW
OpenProcessToken
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
SetNamedSecurityInfoW
RegEnumValueW
CloseServiceHandle

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

comctl32

ImageList_Add
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

shlwapi

PathFileExistsW
PathIsDirectoryW

msimg32

GradientFill

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

netapi32

NetApiBufferFree

wtsapi32

WTSVirtualChannelClose

dnsapi

DnsReplaceRecordSetA

Sections

.text
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.stroke
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.char
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.soph
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.joke
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.poke
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.key
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cond
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d35e0b7c1c61643b8d3877db46dd772

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msimg32

version

netapi32

wtsapi32

dnsapi

Sections

.text Size: 504KB - Virtual size: 503KB

.stroke Size: 51KB - Virtual size: 51KB

.char Size: 48KB - Virtual size: 47KB

.soph Size: - Virtual size: 64KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 824B

.joke Size: 512B - Virtual size: 152B

.poke Size: 512B - Virtual size: 62B

.key Size: 200KB - Virtual size: 199KB

.cond Size: 512B - Virtual size: 28B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 504KB - Virtual size: 503KB

.stroke
Size: 51KB - Virtual size: 51KB

.char
Size: 48KB - Virtual size: 47KB

.soph
Size: - Virtual size: 64KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 824B

.joke
Size: 512B - Virtual size: 152B

.poke
Size: 512B - Virtual size: 62B

.key
Size: 200KB - Virtual size: 199KB

.cond
Size: 512B - Virtual size: 28B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB