9ea29e24749452c4b1441c6d78c06e97_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9ea29e24749452c4b1441c6d78c06e97_JaffaCakes118
Size

355KB
MD5

9ea29e24749452c4b1441c6d78c06e97
SHA1

29a7b7e56a1f0631d074d0c42d865080264dfe39
SHA256

71d73684c8b2f3ee1e5796b141b917d98db8cb4b6d2e39eaeb74361a01605016
SHA512

ec459cabcd49d8d31931cbbc56c0bd59244579d862100833cfb1a7c39a42bc5cc82f3ad895e03357f2fb688d970dab23c00f54563437e2a52fcb2e6c1e1257fe
SSDEEP

6144:Owfkl5RcNIoyF1Y8OjIIrT9lI73GUL9miFigaH+3skE+I/sjWNDiya0ZcHVF3sII:Owfkl8WoyU8dIjML6X+8kE6W9a0ZQVJ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
9ea29e24749452c4b1441c6d78c06e97_JaffaCakes118

Files

9ea29e24749452c4b1441c6d78c06e97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c37a968910186a77ea2733e426d00ca2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
FindWindowExW
MapVirtualKeyExA
SetWindowPos
DrawTextW
UnionRect
InflateRect
LoadImageA
InvalidateRgn
PeekMessageA
GetMenuCheckMarkDimensions
GetSysColorBrush
ChildWindowFromPointEx
OpenIcon
ReplyMessage
CreateIconFromResource
GetParent
RegisterRawInputDevices
GetDialogBaseUnits
GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
MapVirtualKeyW
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect

shell32

SHGetFileInfoA
SHFileOperationW
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

advapi32

RegCloseKey
SetThreadToken
RegCreateKeyW
RegEnumKeyW
RegOpenKeyExW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

gdi32

SetWindowExtEx
CreateICA
GetEnhMetaFileHeader
GetTextFaceW
PtInRegion
SetAbortProc
SetBitmapDimensionEx
DrawEscape
GetCharABCWidthsA
SetBitmapBits
GetCharWidthFloatW
GetBitmapBits
PolyDraw
FillRgn
SaveDC
GetCharWidthFloatA
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
CloseMetaFile
SetRectRgn
EnumFontFamiliesExA

crypt32

CertOIDToAlgId

kernel32

FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualAlloc
HeapFree
VirtualFree
HeapCreate
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapReAlloc
SetStdHandle
GetFileInformationByHandle
OpenEventW
FileTimeToDosDateTime
IsValidCodePage
InitializeCriticalSection
GetDriveTypeW
GetCurrentThreadId
FindFirstFileA
QueryPerformanceCounter
GetStringTypeW
SearchPathA
GetThreadTimes
CancelDeviceWakeupRequest
GetProcessHeap
SetFileApisToANSI
GetEnvironmentStrings
GlobalCompact
GetWriteWatch
GetMailslotInfo
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetLocaleInfoA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
LCMapStringA
LCMapStringW
LocalShrink
GetStringTypeA
QueueUserAPC
FindClose
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
MulDiv
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
lstrcmpA
RemoveDirectoryW
lstrcpyA
GetVersion
GetSystemDirectoryW
GetVersionExW
lstrcpyW
OpenProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WQEQ
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BSS
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c37a968910186a77ea2733e426d00ca2

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

crypt32

kernel32

Sections

.text Size: 129KB - Virtual size: 128KB

.data Size: 27KB - Virtual size: 354KB

WQEQ Size: 17KB - Virtual size: 17KB

.BSS Size: 14KB - Virtual size: 14KB

.rsrc Size: 166KB - Virtual size: 165KB

.text
Size: 129KB - Virtual size: 128KB

.data
Size: 27KB - Virtual size: 354KB

WQEQ
Size: 17KB - Virtual size: 17KB

.BSS
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 166KB - Virtual size: 165KB