be7627f9f88946ca796b4871b09299fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be7627f9f88946ca796b4871b09299fb_JaffaCakes118
Size

429KB
MD5

be7627f9f88946ca796b4871b09299fb
SHA1

e98491aa825638d16a9f6dd2bc9c978eeef94a51
SHA256

3cced690e430a7a620e6a96ba924348031b832b87695a762d8b2f04a9bd7dc4d
SHA512

1c427e408da5c80e4afbcf85dd3c2eba43eeee2a1c1109d5afc90380e2268c7317f47a188c4f00fb4b26e5930e862bbb567833f2b1d6bd81e18ab1fe61647aca
SSDEEP

6144:67k+AhbLuSX54fTq0LP9tlXe9Swnax70XKEE0mbNKlYhlRNAN0IU8vtfgRRY6m:J14G0LPNRt0XKEE0OQY3RNAB56m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be7627f9f88946ca796b4871b09299fb_JaffaCakes118

Files

be7627f9f88946ca796b4871b09299fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b524bf77331755e34f590ac7607b7815

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_GetIcon
ImageList_Destroy
ord17

powrprof

SetSuspendState

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFile
GdipAlloc
GdipFree

kernel32

GetFileSize
TerminateThread
GetTickCount
GetProcessAffinityMask
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
SetPriorityClass
GetCurrentThread
WaitForMultipleObjects
ReadFile
GetModuleFileNameA
GetVersion
LoadLibraryA
LocalFree
SetEnvironmentVariableA
GetProcessHeap
SetEndOfFile
WriteConsoleW
CreateFileA
SetEnvironmentVariableW
CompareStringW
HeapReAlloc
LCMapStringW
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetFileType
SetHandleCount
DeleteCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
GetStringTypeW
IsProcessorFeaturePresent
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
ExitProcess
HeapCreate
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetTimeZoneInformation
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineW
DeleteFileA
RaiseException
DecodePointer
SetLastError
InterlockedDecrement
DeviceIoControl
FindFirstFileW
CreateThread
CreateMutexW
WaitForSingleObject
CreateFileMappingW
MapViewOfFile
Sleep
CreateFileW
WriteFile
DeleteFileW
OpenMutexW
GetLastError
ReleaseMutex
CloseHandle
lstrcpynW
GetModuleHandleW
GetVersionExW
GetCurrentProcess
LoadLibraryW
GetProcAddress
FreeLibrary
GetLocalTime
GetModuleFileNameW
MulDiv
EncodePointer
WideCharToMultiByte
GetDateFormatW
GetTimeFormatW
HeapAlloc
HeapFree
RtlUnwind
GetSystemTimeAsFileTime

user32

GetDC
ReleaseDC
GetSystemMetrics
CallWindowProcW
GetSysColor
GetWindowLongW
MessageBoxW
SetCursor
LoadCursorW
ShowWindow
SendNotifyMessageW
LoadMenuW
DestroyMenu
GetWindowTextW
ExitWindowsEx
DrawTextExW
ScreenToClient
CreateDialogParamW
LoadAcceleratorsW
IsIconic
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
RegisterWindowMessageW
GetSubMenu
GetCursorPos
TrackPopupMenu
PostQuitMessage
DialogBoxParamW
FillRect
InvalidateRect
PostMessageW
RegisterClassExW
EnableMenuItem
DestroyWindow
DefWindowProcW
SetFocus
GetMenuState
GetMenu
CheckMenuItem
GetClientRect
SetTimer
KillTimer
EnableWindow
AdjustWindowRect
EnumChildWindows
FindWindowW
LoadIconW
GetDlgItem
EndDialog
SetWindowTextW
SetWindowLongW
SetWindowPos
CreateWindowExW
SetForegroundWindow
UpdateWindow
GetWindowRect
LoadBitmapW
LoadStringW
DestroyIcon
SendMessageW

gdi32

CreateBitmap
CreateBrushIndirect
SetTextAlign
TextOutW
CreateFontW
CreateFontIndirectW
CreateDIBSection
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC
SetTextColor
SetBkColor
GetDeviceCaps

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
ChooseColorW

advapi32

OpenSCManagerW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
CreateServiceW
StartServiceW
CloseServiceHandle
OpenServiceW
ControlService
DeleteService
RegDeleteValueW

shell32

ShellExecuteW
Shell_NotifyIconW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b524bf77331755e34f590ac7607b7815

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

powrprof

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 258KB - Virtual size: 258KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 7KB - Virtual size: 95KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 258KB - Virtual size: 258KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 7KB - Virtual size: 95KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 22KB - Virtual size: 21KB