97696fab55418b4460c80a16d85fe180_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

97696fab55418b4460c80a16d85fe180_JaffaCakes118
Size

322KB
MD5

97696fab55418b4460c80a16d85fe180
SHA1

44f0e31282791fd37575f8b8495ffba22c3d87cf
SHA256

36b684c1a9158d9865ffd0b3d31d88e756683a38794b50de2e9c183069577bc6
SHA512

abee774356cf0b8e01e61ae0db71f60978d505c842b46e86cbf61935629e158e765db93a87b6a5351ef3f1239c815be81c681fc5026f610c2cba367186f3db78
SSDEEP

6144:Q5RxCrqo4ydiOwSFb7JkTguBGVe4mLhlRRV9YJG90ieeZtZ4u:Q1CGoVAOwCb7JZuBGyPN9YE90ivLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97696fab55418b4460c80a16d85fe180_JaffaCakes118

Files

97696fab55418b4460c80a16d85fe180_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b2a75ce048e9cb7c4da642bd3f49b1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
WaitNamedPipeA
DebugBreak
CloseHandle
ReleaseSemaphore
CreateSemaphoreW
LocalFlags
FindFirstVolumeMountPointW
InterlockedExchangeAdd
GlobalHandle
GlobalSize
GetProfileStringA
GetCurrentProcess
GlobalReAlloc
IsBadStringPtrW
ReleaseSemaphore
CompareStringW
QueueUserAPC
ReleaseSemaphore
IsValidLocale
GetTempPathA
CreateEventW
ReleaseSemaphore
DisconnectNamedPipe
GetSystemTime
OpenFileMappingW
GetDefaultCommConfigA
WriteProfileStringW
EnumLanguageGroupLocalesA
EnumUILanguagesW

winspool.drv

StartDocPrinterW
GetPrintProcessorDirectoryW

user32

CharUpperBuffA
HideCaret
LookupIconIdFromDirectoryEx
GetMonitorInfoA
FindWindowExA
OemToCharW
LoadAcceleratorsA
SetClipboardData
GetDialogBaseUnits
GetInputDesktop
DestroyMenu
DialogBoxIndirectParamA
CreateIconIndirect
GetListBoxInfo
GetUserObjectSecurity
GetMenuItemCount
CharToOemA
InsertMenuW
SendMessageA
FillRect
GetWindowInfo
TileChildWindows
MessageBoxExA
CharUpperW
GetSysColor
GetFocus
LockSetForegroundWindow
TabbedTextOutW
DrawTextExA
SetLastErrorEx
GetClassLongW
DrawStateW
DdeCreateStringHandleW
DestroyCursor
SystemParametersInfoW
DrawIcon
AnimateWindow
IsCharLowerW
MapVirtualKeyExW
IMPQueryIMEW
GetDlgItemInt
ShowWindow
GetClassWord
DrawTextA
GetClientRect
CopyAcceleratorTableW
DialogBoxParamA
UpdateWindow
LoadStringW
CharLowerA
PostMessageA
SendMessageTimeoutW
DlgDirListComboBoxW
GetMenuDefaultItem
CheckMenuItem
CheckRadioButton
PeekMessageW
EnumDisplayDevicesW
DdeAccessData
DdeEnableCallback
GetCursorInfo
GetSysColorBrush
ToUnicodeEx
SetScrollRange
DestroyAcceleratorTable
SendMessageCallbackW
TileWindows
RegisterClipboardFormatW
GetSystemMenu
GetTopWindow
SetWindowContextHelpId
ToAsciiEx
GetComboBoxInfo
LockWorkStation
SetThreadDesktop
LookupIconIdFromDirectory
GetCaretPos
RemoveMenu
DrawMenuBar
SendNotifyMessageA
SetActiveWindow
GetSystemMetrics
IsWindowEnabled
SetLayeredWindowAttributes
MapVirtualKeyA
GetClassNameW

psapi

GetDeviceDriverFileNameW
GetProcessMemoryInfo

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b2a75ce048e9cb7c4da642bd3f49b1a

Headers

File Characteristics

Imports

kernel32

winspool.drv

user32

psapi

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 69KB - Virtual size: 129KB

.rdata Size: 512B - Virtual size: 283B

.rsrc Size: 102KB - Virtual size: 101KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 69KB - Virtual size: 129KB

.rdata
Size: 512B - Virtual size: 283B

.rsrc
Size: 102KB - Virtual size: 101KB