097561991757077a0ee930c98f10e141_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

097561991757077a0ee930c98f10e141_JaffaCakes118
Size

396KB
MD5

097561991757077a0ee930c98f10e141
SHA1

7b93b67f721483a7fddafc70caff5d215a9d51d4
SHA256

7fe27b8b001a8a8b4c56bd5136c1998136661bad35a996b2eb4287ce940b0eb0
SHA512

bd5c001389d5b39e51c1df9b2977db21c04924d257f547185a4c8295c947d0b6ce8b311e14426ee0e325da9e2338bd8360b4b83810e6002b52b46046bfb91445
SSDEEP

6144:JWSNp6fDyR+6dXJRqykp/PPDiTnk+u3lcv3E6bXn6Hrj3eqJToQAm+jQJ:wwY+5XJRbWmg+u1c1qLjuqJTolm+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
097561991757077a0ee930c98f10e141_JaffaCakes118

Files

097561991757077a0ee930c98f10e141_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8aa4833d9f5ab9917461709f211819bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

SetBkMode
CreateDIBSection
SetLayout
Rectangle
SetTextColor
GetTextExtentPoint32W
CreatePen
CreateHalftonePalette
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
RealizePalette
BitBlt

msvcrt

_initterm
__set_app_type
wcstol
__RTDynamicCast
realloc
__wgetmainargs
?terminate@@YAXXZ
malloc
wcsncpy
_c_exit
_cexit
__setusermatherr

shell32

ord748
ord152
SHBrowseForFolderW
ExtractIconExW
SHParseDisplayName

kernel32

MulDiv
ResetEvent
GetModuleFileNameW
GlobalLock
CreateEventA
lstrcpynW
lstrcmpW
DuplicateHandle
InitializeCriticalSection
TerminateProcess
LoadLibraryExW
SetCurrentDirectoryW
GetProcAddress
SizeofResource
ReleaseMutex
WaitForSingleObject
CreateProcessW
lstrlenA
CompareStringW
lstrcmpiW
GetCurrentThreadId
SetEvent
EnterCriticalSection
OpenFileMappingW
GetStartupInfoW
CreateThread
VirtualAllocEx
CreateFileW
GetDateFormatW
GetTickCount
SetUnhandledExceptionFilter
GetModuleHandleA
GetCommandLineW
InterlockedIncrement
ExitThread
FindClose
GetSystemTimeAsFileTime

ole32

StringFromIID
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoAllowSetForegroundWindow
CoCreateInstance
PropVariantClear

shlwapi

StrCpyNW
PathFindExtensionW
ord437
ord174
wnsprintfW

gdiplus

GdipGetPropertyItemSize
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipGetImageWidth
GdiplusShutdown
GdipGetImageDecoders
GdipDrawImageI
GdipCreateHBITMAPFromBitmap

user32

DialogBoxParamW
MessageBoxIndirectW
GetDlgItem
MonitorFromWindow
SendNotifyMessageW
DestroyAcceleratorTable
MonitorFromRect
ReleaseDC
IsRectEmpty
GetSysColorBrush
GetPropW
GetWindowTextLengthW
DestroyWindow
RegisterWindowMessageW
GetClassNameW
LoadImageW
EnableWindow
GetWindowLongW
UpdateWindow
BeginDeferWindowPos
GetParent
PostQuitMessage
SetCapture
WinHelpW
IsWindowEnabled
EndPaint
SetTimer
GetClientRect
BeginPaint
wsprintfW
IntersectRect
TranslateAcceleratorW
MapDialogRect

advapi32

RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteValueW

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8aa4833d9f5ab9917461709f211819bd

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

shell32

kernel32

ole32

shlwapi

gdiplus

user32

advapi32

Sections

.text Size: 243KB - Virtual size: 243KB

.data Size: 143KB - Virtual size: 142KB

.rsrc Size: 9KB - Virtual size: 380KB

.text
Size: 243KB - Virtual size: 243KB

.data
Size: 143KB - Virtual size: 142KB

.rsrc
Size: 9KB - Virtual size: 380KB