f097b90b19d0db3b9f62915700bcc575_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f097b90b19d0db3b9f62915700bcc575_JaffaCakes118
Size

519KB
MD5

f097b90b19d0db3b9f62915700bcc575
SHA1

fafc62d124694217cd1ed9aa5b1e0b1188856b2c
SHA256

57e77c94d3b7239333827141032de28f7954d07058832ab87ceec5c0aa96a9d9
SHA512

297f3ef898dd0db0df91d66211c2d8f314bca82ddc6a49ac9ef9afafca30af9e2a77eb8f59c28b63ffaa100f9b022db0a3783f87accb7a8e318845a5791fcad4
SSDEEP

12288:xJIaiHVaPyWMKDnbbDfU3Y9oLOksxnRcp875:TIpHVabPDb38I9oX675

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f097b90b19d0db3b9f62915700bcc575_JaffaCakes118

Files

f097b90b19d0db3b9f62915700bcc575_JaffaCakes118
.exe windows:4 windows x86 arch:x86

416d2e1b1992845071364bd6710412a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIcon
ord17
CreatePropertySheetPageA
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Add

user32

GetMenuItemCount
LoadImageW
SetCursor
RegisterClassW
PostMessageW
GetWindowThreadProcessId
SetCapture
InsertMenuItemW
SetWindowTextW
CopyRect
IntersectRect
SetWindowPos
OpenClipboard
CharNextW
MapWindowPoints
GetWindow
CreateWindowExW
DefWindowProcW
IsDialogMessageW
GetActiveWindow
IsClipboardFormatAvailable
ShowWindow
OffsetRect
GetDlgItem
SetMenuItemBitmaps
DestroyWindow
KillTimer
LoadBitmapW
FillRect
SystemParametersInfoW
LoadIconW
SetWindowLongW
LoadStringW
SetDlgItemInt
LoadAcceleratorsW
DestroyIcon
PtInRect
RegisterClassExW
DispatchMessageW
IsIconic
GetFocus
InvalidateRgn
MessageBoxW
WindowFromPoint
ScreenToClient
GetClassNameW

winspool.drv

DocumentPropertiesA
OpenPrinterA
ord204

winmm

waveOutRestart
timeGetTime
waveInReset
mixerGetLineInfoA
waveInOpen
waveOutOpen
waveInGetNumDevs
mixerSetControlDetails
waveOutPrepareHeader
mixerClose
waveInAddBuffer
waveInStart
mixerGetLineControlsA
mixerGetControlDetailsA
mixerGetDevCapsA
PlaySoundA
mmioDescend
waveOutReset
mmioRead
mixerGetNumDevs
waveOutWrite
waveOutGetNumDevs
waveInPrepareHeader
mixerOpen
waveInUnprepareHeader
waveOutGetDevCapsA
waveInClose
waveOutClose
waveOutUnprepareHeader

version

GetFileVersionInfoSizeA
VerLanguageNameA
VerQueryValueA

gdi32

Polyline
GetAspectRatioFilterEx
GetDCOrgEx
DeleteObject
FlattenPath
EndPage
GetPaletteEntries
DrawEscape
CreateDiscardableBitmap
GetOutlineTextMetricsA
StartPage
SetPixelV
GdiComment
SetArcDirection
CreateBrushIndirect
ExtCreatePen
GetColorAdjustment
GetCharABCWidthsFloatA
StretchDIBits
CreatePenIndirect
CreatePolyPolygonRgn
MoveToEx
GetTextColor
SetBkColor
InvertRgn
StartDocA
SetRectRgn
AnimatePalette
PolylineTo
AngleArc
PlgBlt
CreateCompatibleBitmap
GetMiterLimit
ExtTextOutA
EndDoc
SetTextAlign
CreateBitmapIndirect
AbortPath
GetPath
ExtEscape
GetCharWidthFloatA
EnumObjects
WidenPath
CreateRoundRectRgn
SetMiterLimit
RealizePalette
GetObjectType
GetBrushOrgEx
GetViewportExtEx
GetKerningPairsA

ole32

OleDuplicateData
CreateDataAdviseHolder
OleSetClipboard
OleUninitialize
OleIsRunning
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
WriteClassStm
CreateILockBytesOnHGlobal
CreateFileMoniker
CreateGenericComposite
CLSIDFromProgID

kernel32

GetVersionExA
GetLastError
GetStdHandle
GetTimeZoneInformation
InterlockedExchange
GetCurrentProcessId
GetModuleHandleW
GetModuleHandleA
GetSystemTimeAsFileTime
ExitProcess
GetEnvironmentStringsW
WriteFile
TlsGetValue
RtlUnwind
FlushFileBuffers
LeaveCriticalSection
RaiseException
GetProcAddress
GetDateFormatA
CompareStringW
GetOEMCP
GetFileType
HeapSize
QueryPerformanceCounter
HeapAlloc
SetFilePointer
SetStdHandle
GetModuleFileNameW
CloseHandle
WideCharToMultiByte
GetLocaleInfoA
VirtualAlloc
EnterCriticalSection
GetCurrentProcess
GetTickCount
GetStringTypeA
GetStringTypeW
GetTimeFormatA
HeapReAlloc
CreateMutexW
IsBadCodePtr
SetHandleCount
HeapCreate
GetModuleFileNameA
HeapDestroy
TlsFree
LoadLibraryW
GetACP
LCMapStringA
SetEnvironmentVariableA
LCMapStringW
ReadFile
GetStartupInfoA
VirtualProtect
GetCommandLineA
HeapFree
GetCommandLineW
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
TerminateProcess
GetCPInfo
CompareStringA
SetLastError
UnhandledExceptionFilter
GetStartupInfoW
SetUnhandledExceptionFilter
GetEnvironmentStrings
VirtualFree
GetCurrentThreadId
FreeEnvironmentStringsA
TlsAlloc
TlsSetValue
VirtualQuery
GetSystemInfo
MultiByteToWideChar
FreeEnvironmentStringsW

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyExA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
OpenThreadToken
RegOpenKeyExA
OpenServiceA
RegEnumKeyA

shell32

ExtractIconA
SHGetSpecialFolderLocation
SHAppBarMessage
DragAcceptFiles
DragFinish
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA
ExtractIconExA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

416d2e1b1992845071364bd6710412a0

Headers

File Characteristics

Imports

comctl32

user32

winspool.drv

winmm

version

gdi32

ole32

kernel32

advapi32

shell32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 258KB - Virtual size: 258KB

.data Size: 95KB - Virtual size: 95KB

.rsrc Size: 67KB - Virtual size: 67KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 258KB - Virtual size: 258KB

.data
Size: 95KB - Virtual size: 95KB

.rsrc
Size: 67KB - Virtual size: 67KB