97d0ff826db4708c0bf8bff513dda02a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

97d0ff826db4708c0bf8bff513dda02a_JaffaCakes118
Size

916KB
MD5

97d0ff826db4708c0bf8bff513dda02a
SHA1

b281f8da746da72039c98312c2f51cb806613ab2
SHA256

6c238a124150dc1298bd6a347e8628b51ca2d5ae04b0181270a5928aedc63ad9
SHA512

49fc920a9a26cb0e99201f0954d88bfb9b319b81551c93c46dfa650ba44ad16d827911988ea2c556c7ddcae03405fb95ebf1394b732c67da70bb565811d22abe
SSDEEP

12288:ZUKFfy62YznW7A+YTr+PoIIxOeCW33pKAvsrvl5a0R5w5f:1y62YTW7A+PIgO3dviTa0ef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
97d0ff826db4708c0bf8bff513dda02a_JaffaCakes118

Files

97d0ff826db4708c0bf8bff513dda02a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a36b8c98f8710737441ff391a1167b41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
LCMapStringW
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
GetProfileStringA
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FatalAppExitA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetFileType
SetStdHandle
HeapSize
HeapReAlloc
GetACP
TerminateProcess
ExitThread
CreateThread
HeapFree
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
HeapAlloc
RtlUnwind
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindNextFileA
SizeofResource
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetProcessVersion
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
LocalLock
LocalUnlock
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GetCurrentThread
lstrcmpA
LocalAlloc
GetLastError
GlobalFree
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GetModuleFileNameA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
lstrcatA
GlobalLock
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
InitializeCriticalSection
GlobalAddAtomA
GetVersion
lstrcpyA
lstrcmpiA
WaitForSingleObject
lstrlenA
GetCurrentDirectoryA
Sleep
GetExitCodeThread
InterlockedIncrement
InterlockedDecrement
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
GetCurrentProcess
CloseHandle
DeleteCriticalSection
CreateSemaphoreA
IsValidLocale

user32

SetTimer
KillTimer
WindowFromPoint
GetCursorPos
SetRect
CharToOemA
OemToCharA
ValidateRect
TranslateMessage
GetMessageA
CreateDialogIndirectParamA
EndDialog
PostQuitMessage
ShowOwnedPopups
GetTabbedTextExtentA
IsClipboardFormatAvailable
MessageBeep
DestroyCursor
LoadCursorA
FillRect
wvsprintfA
CharUpperA
GetSysColorBrush
GetClassNameA
LoadStringA
InflateRect
SetCapture
InvertRect
GetDCEx
LockWindowUpdate
GetDialogBaseUnits
InsertMenuA
GetMenuStringA
DestroyIcon
FindWindowA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
PtInRect
GetDC
ReleaseDC
IsZoomed
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
ScreenToClient
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
GetSystemMenu
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
UpdateWindow
EnableWindow
GetSubMenu
GetMenuItemCount
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetActiveWindow
wsprintfA
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DeleteMenu
AppendMenuA
IsRectEmpty
SetParent
IsChild
GrayStringA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenu
IsDialogMessageA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
SetStretchBltMode
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
DPtoLP
PatBlt
Rectangle
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
CreateRectRgnIndirect
BitBlt
GetMapMode
SetRectRgn
CombineRgn
LPtoDP
GetBkColor
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
RestoreDC
SaveDC
StartDocA
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
DeleteDC
SelectObject
GetTextExtentPoint32A
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreatePen
CreateDIBitmap
GetTextExtentPointA
GetTextMetricsA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ReplaceTextA
PrintDlgA
PageSetupDlgA
GetFileTitleA
CommDlgExtendedError
FindTextA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

GetFileSecurityA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegQueryValueA
SetFileSecurityA
RegDeleteValueA

shell32

SHGetFileInfoA
DragAcceptFiles
DragQueryFileA
DragFinish
ExtractIconA

comctl32

ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write

wininet

InternetGetLastResponseInfoA
InternetAutodial
InternetGetConnectedState
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetCookieA
InternetGetCookieA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpDeleteFileA
FtpRenameFileA
FtpCreateDirectoryA
FtpRemoveDirectoryA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpOpenFileA
FtpPutFileA
FtpGetFileA
GopherCreateLocatorA
GopherGetAttributeA
GopherOpenFileA
HttpOpenRequestA
InternetErrorDlg
HttpAddRequestHeadersA
HttpSendRequestA
HttpEndRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpFindFirstFileA
InternetFindNextFileA
GopherFindFirstFileA

Sections

.text
Size: 444KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36b8c98f8710737441ff391a1167b41

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wininet

Sections

.text Size: 444KB - Virtual size: 440KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 20KB - Virtual size: 37KB

.idata Size: 16KB - Virtual size: 15KB

.rsrc Size: 320KB - Virtual size: 319KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 444KB - Virtual size: 440KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 20KB - Virtual size: 37KB

.idata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 320KB - Virtual size: 319KB

.reloc
Size: 36KB - Virtual size: 35KB