f7e42195ab5192cb67c4c7dea9153461_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7e42195ab5192cb67c4c7dea9153461_JaffaCakes118
Size

187KB
MD5

f7e42195ab5192cb67c4c7dea9153461
SHA1

bb602bd1ea0ce14128b3a02300067643b590b121
SHA256

bd56fa103630bca4cc8d76b9a6e11adf30b72c4496345908751ac7a59b830de8
SHA512

73b367735382d06bba836144c865368f5f41ed34d65fe7083c4699ee3f15b544923adfe5678ca03a350c26145d5e752d7fd52deff8046b1e32049ff9b1df1ccf
SSDEEP

3072:AYmqOMbedYVpdgMBRaXXntLv/6nogYaLWQJ471oOiElXSH/YSq:AYnPVpdgeeXtLv/6n1YCSyEBQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7e42195ab5192cb67c4c7dea9153461_JaffaCakes118

Files

f7e42195ab5192cb67c4c7dea9153461_JaffaCakes118
.exe windows:4 windows x86 arch:x86

770477ce5d9324918700c82a0a1f6c4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
ReadFile
FindNextFileA
GetCalendarInfoW
GetCurrentThreadId
CreateFileA
GlobalUnlock
GlobalLock
TlsSetValue
GlobalFree
GetSystemDirectoryA
GetEnvironmentVariableW
GlobalAlloc
WaitForSingleObject
GetModuleFileNameA
IsDebuggerPresent
ReleaseMutex
lstrlenW
IsProcessorFeaturePresent
FindFirstFileA
GetACP
GetSystemInfo
GetCurrentThread
GetTimeFormatW
GetSystemDefaultLCID
SetCurrentDirectoryA
Sleep
ReleaseSemaphore
FreeLibrary
GetModuleHandleA
LoadLibraryA
LocalAlloc
GetLocaleInfoA
GetFileTime
MultiByteToWideChar
DeleteCriticalSection
GetVersionExA
FindClose
TlsFree
WideCharToMultiByte
GetTickCount
GetDateFormatA
EnterCriticalSection
ExitProcess
UnhandledExceptionFilter
EnumResourceNamesA
CreateSemaphoreA
GetProcAddress
CreateMutexA
GetCurrentDirectoryA
GlobalSize
GetFileSize
GetCurrentProcessId
GetLastError
InitializeCriticalSection
GetTempPathW
QueryPerformanceCounter
InterlockedIncrement
lstrcmpW
GetLocalTime
GetSystemTimeAsFileTime
DeleteFileW
GetWindowsDirectoryA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetTimeFormatA
GetThreadPriority
LeaveCriticalSection
GetDateFormatW
InterlockedExchange
GetUserDefaultLangID
CloseHandle
GetThreadLocale
GetProfileStringW
SetThreadPriority
TlsGetValue
RaiseException

shlwapi

PathRemoveFileSpecA
PathAppendA

msimg32

AlphaBlend

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

gdi32

EndPage
CreateCompatibleDC
SetPolyFillMode
StartDocW
SaveDC
CreateDIBSection
CreatePolyPolygonRgn
GetCurrentObject
GetViewportOrgEx
CombineRgn
CloseFigure
ModifyWorldTransform
GetObjectA
SetStretchBltMode
EqualRgn
Rectangle
ExtCreatePen
SelectObject
StretchBlt
CreateCompatibleBitmap
SelectClipPath
ExtEscape
DeleteObject
StartPage
StrokePath
SetBrushOrgEx
GetRegionData
FillPath
SetGraphicsMode
GetDIBColorTable
ExtSelectClipRgn
SetWorldTransform
PatBlt
GetStockObject
DeleteDC
SetDIBits
MoveToEx
CreateDCW
PolyBezierTo
StretchDIBits
IntersectClipRect
GetWorldTransform
CreateICW
PolylineTo
GetRgnBox
ResetDCW
EndDoc
SetMiterLimit
AbortDoc
CreatePatternBrush
BitBlt
OffsetRgn
SelectClipRgn
GetClipBox
RestoreDC
SetROP2
SelectPalette
EndPath
RealizePalette
LineTo
BeginPath
Escape
CreatePalette
GetDeviceCaps
GetGraphicsMode
CreateRectRgn
CreateBrushIndirect
CreateBitmap
PolyDraw

ole32

CoInitialize
OleInitialize
CoGetClassObject
OleUninitialize
StgCreateDocfileOnILockBytes
CoUninitialize
CoRetireServer
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CLSIDFromProgID
CoRevokeClassObject
OleFlushClipboard
CreateILockBytesOnHGlobal
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
CLSIDFromString

user32

ReleaseDC
GetSystemMetrics
CharNextW
GetActiveWindow
GetMonitorInfoA
CreateWindowExA
RegisterClassA
EnumDisplayMonitors
GetDesktopWindow
MonitorFromPoint
ScrollWindowEx
SetActiveWindow
OffsetRect
DefWindowProcA
SetWindowPos
GetDC
WindowFromDC
GetClientRect
GetWindowRect
MonitorFromWindow
LoadCursorA
DestroyWindow
LoadIconA
UnregisterClassA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

770477ce5d9324918700c82a0a1f6c4e

Headers

File Characteristics

Imports

kernel32

shlwapi

msimg32

advapi32

gdi32

ole32

user32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 73KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 236KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 73KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 236KB