d320f6099d66a497692d20dd42e7ba40_JaffaCakes118

Resubmissions

07-12-2024 15:24

241207-ss4wqa1pbp 10

07-12-2024 15:19

241207-sqpn1swmft 10

Sharing

Copy URL

Twitter E-mail

General

Target

d320f6099d66a497692d20dd42e7ba40_JaffaCakes118
Size

405KB
MD5

d320f6099d66a497692d20dd42e7ba40
SHA1

f55953666f0af20bfddfadc353dd8dabba0ec9b6
SHA256

9fa0012874369e53f8eaaf056ed607771a97199c7d69adef770845c20177920c
SHA512

c93f680a07f1aa695d98c5209d2f6cd4161c215e8fdc6e379b9c7d20933bcf39d12a7cd3432a86bf0abcc9ff1c5df4a2e4f17fa23b5f9d55fa205f0f9f4a7a3e
SSDEEP

6144:6aICHa+0ZjkVA9hSEcz/7tWYmZBBma05I5UzTjEw3yDP45B4ExKGO:bIC6+0hkm9AdEYmga0u5UzPRiD4NO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d320f6099d66a497692d20dd42e7ba40_JaffaCakes118

Files

d320f6099d66a497692d20dd42e7ba40_JaffaCakes118
.exe windows:5 windows x86 arch:x86

47575302f31af63b7e28d32707021f5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
DrawTextA
FillRect
GetClientRect
BeginPaint
ShowWindow
RemovePropA
DlgDirSelectExW
SendMessageA
ModifyMenuW
GetPropW
GetDesktopWindow
GetClipboardViewer
SendMessageW
MessageBoxA
ChangeMenuW
DdeInitializeA
CallWindowProcW
DefWindowProcA
InvalidateRect
EnableWindow
GetDC
LoadImageA
CreateWindowExW
TranslateMessage
SetWindowLongW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
DispatchMessageW
CharUpperBuffW
GetShellWindow
GetKeyboardType
LoadStringW
CharNextW
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA

urlmon

CreateAsyncBindCtx
RevokeBindStatusCallback
UrlMkSetSessionOption
IsLoggingEnabledA

shell32

SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHFileOperationA
SHGetSpecialFolderLocation
ExtractIconW
ExtractAssociatedIconA
DragQueryFileW
DragAcceptFiles
ShellExecuteW
SHBrowseForFolderA
DoEnvironmentSubstA

ole32

CoReleaseMarshalData
CoImpersonateClient
CreateStreamOnHGlobal
OleCreateStaticFromData
OleCreateLinkToFileEx

advapi32

RegOpenKeyExA
AccessCheckByType
RegCreateKeyA
RegGetKeySecurity
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
DeleteAce
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegNotifyChangeKeyValue
OpenBackupEventLogW
OpenThreadToken
PrivilegedServiceAuditAlarmW
LookupAccountNameA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
AddFontResourceExW
BitBlt
CloseFigure
AddFontResourceW
ColorMatchToTarget
CombineTransform
BeginPath
CreateBitmap
CheckColorsInGamut
SetBkColor

opengl32

glGetBooleanv
glColor4s
glGetPolygonStipple
glTexCoord1f
glListBase
glRasterPos3i
glVertex4sv
glColor4uiv

dbghelp

ImageRvaToSection
SymUnloadModule
SymGetModuleInfoW64
SymGetLinePrev64
SymGetSymFromAddr
SymEnumerateSymbolsW64
MapDebugInformation

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

VirtualProtect
SizeofResource
SignalObjectAndWait
SetLastError
SetEvent
SetEndOfFile
ResetEvent
RemoveDirectoryW
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GetWindowsDirectoryW
GetVersionExW
GetUserDefaultLangID
GetLocalTime
GetFullPathNameW
GetFileAttributesW
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetDateFormatW
GetCPInfo
FormatMessageW
FindResourceW
EnumCalendarInfoW
EnterCriticalSection
DeleteFileW
GetEnvironmentStrings
CreateProcessW
CreateFileW
GetSystemTimeAsFileTime
CreateDirectoryW
CompareStringW
TlsSetValue
TlsGetValue
LocalAlloc
GetACP
VirtualFree
VirtualAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
InitializeCriticalSectionAndSpinCount
GetOEMCP
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
HeapAlloc
HeapReAlloc
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsFree
InterlockedIncrement
InterlockedDecrement
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapFree
GetTimeZoneInformation
CreateEventW
FreeEnvironmentStringsA
GetSystemInfo
QueryPerformanceCounter
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FindFirstFileW
UnhandledExceptionFilter
RtlUnwind
HeapSize
CompareStringA
SetEnvironmentVariableA
DeleteCriticalSection
HeapDestroy
RaiseException
GetStdHandle
CompareFileTime
SearchPathA
VirtualAllocEx
OpenProcess
GetCurrentProcessId
lstrlenA
WaitCommEvent
SetSystemTimeAdjustment
DeleteTimerQueueTimer
SetupComm
HeapWalk
UnlockFileEx
GetTempPathA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
CloseHandle
GetVersion
GetSystemDirectoryA
lstrcatA
GetTempFileNameA
CreateFileA
RemoveDirectoryA
CreateProcessA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
LoadLibraryA
SetErrorMode
GetCommandLineA
SetFileTime
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
CreateDirectoryA
GetLastError
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

47575302f31af63b7e28d32707021f5c

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

shell32

ole32

advapi32

gdi32

opengl32

dbghelp

comctl32

version

kernel32

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 7KB - Virtual size: 138KB

.shrink Size: 53KB - Virtual size: 52KB

.rsrc Size: 218KB - Virtual size: 218KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 7KB - Virtual size: 138KB

.shrink
Size: 53KB - Virtual size: 52KB

.rsrc
Size: 218KB - Virtual size: 218KB