0bf909d7edbb48834020654296a99ea1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0bf909d7edbb48834020654296a99ea1_JaffaCakes118
Size

1.2MB
MD5

0bf909d7edbb48834020654296a99ea1
SHA1

ee3306cbc61fa207fbda73b782f80207cbbf03e1
SHA256

210597746fbea00553304ea445d786834b0f0114f9aab82296b1f6fb3103a166
SHA512

d7240226d961865346eec5b25fdcbbc3c452e3965d3d9bb68aa456ad0939a077b9edc8fed0fa09e7954fe6b39b4b871f4cd85f8e4277ced505285b3eae137783
SSDEEP

24576:CmS8JhYc1PuxlbXXOBCMRC7wmgg48SkQDw:PltWPXegymbS5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bf909d7edbb48834020654296a99ea1_JaffaCakes118

Files

0bf909d7edbb48834020654296a99ea1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

04c68d152aa68f67160717dc6c6fdf82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GetThreadLocale
GetPrivateProfileStructA
GetFullPathNameW
GetFileAttributesExW
GetComputerNameExW
CreateDirectoryW
LoadLibraryA
GetProcAddress
GetModuleHandleA

user32

SetWindowLongW
SetTimer
SetScrollInfo
SetPropW
SetForegroundWindow
SetFocus
SetClassLongW
SendMessageW
RemovePropW
ReleaseDC
RegisterWindowMessageW
RegisterClipboardFormatW
RedrawWindow
PostMessageW
OpenWindowStationW
OffsetRect
MessageBoxW
MapWindowPoints
LoadStringW
LoadCursorW
LoadBitmapW
KillTimer
IsRectEmpty
IsIconic
InvalidateRect
IntersectRect
InflateRect
GetWindowThreadProcessId
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetScrollRange
GetScrollPos
GetScrollInfo
GetIconInfo
GetDesktopWindow
GetDCEx
GetDC
SetWindowPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
FrameRect
FindWindowW
FindWindowExW
FillRect
ExitWindowsEx
EqualRect
EndPaint
EnableScrollBar
DrawTextW
DrawFrameControl
DrawEdge
DefWindowProcW
CopyImage
CallWindowProcW
CallNextHookEx
BeginPaint
LoadIconW
LoadCursorFromFileA
GetShellWindow
GetCapture
CopyIcon
IsWindow
GetSystemMetrics
GetMenuCheckMarkDimensions
GetMessagePos
GetMenu
GetKBCodePage
GetMessageExtraInfo
ReleaseCapture
DestroyWindow
GetSysColor
IsWindowVisible
GetSysColorBrush
DrawMenuBar
IsCharAlphaNumericA
SetWindowRgn
SetWindowsHookExW
ShowWindow
SystemParametersInfoW
UnhookWindowsHookEx
UpdateWindow
WaitForInputIdle
GetCursorPos

gdi32

GetClipBox
GetClipRgn
GetCurrentObject
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetICMProfileW
GetNearestColor
GetNearestPaletteIndex
GetObjectType
EngCreateDeviceBitmap
TranslateCharsetInfo
StretchDIBits
StretchBlt
StartPage
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetRectRgn
SetDIBits
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RestoreDC
ResizePalette
RectVisible
RealizePalette
QueryFontAssocStatus
PtInRegion
PolyPatBlt
OffsetWindowOrgEx
OffsetRgn
MaskBlt
IntersectClipRect
GetWindowOrgEx
GetViewportOrgEx
GetTransform
GetTextMetricsW
GetTextFaceAliasW
GetTextFaceA
GetTextExtentPoint32W
GetTextExtentExPointWPri
GetTextExtentExPointW
GetTextCharset
GetPaletteEntries
GetTextCharacterExtra
StrokePath
DeleteEnhMetaFile
GdiFlush
CreateHalftonePalette
EndPath
EndPage
UnrealizeObject
CreateCompatibleDC
GetDCPenColor
GetStockObject
BeginPath
BitBlt
ColorMatchToTarget
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateDIBSection
CreatePalette
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
EngAcquireSemaphore
GetBitmapDimensionEx
EngEraseSurface
EngUnlockSurface
ExcludeClipRect
ExtSelectClipRgn
ExtTextOutW
FillPath
FixBrushOrgEx
GdiConvertBrush
GdiPrinterThunk
GetObjectW

advapi32

LsaFreeMemory
RegQueryValueExW
CloseServiceHandle
ControlService
CopySid
CreateProcessAsUserW
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
CryptGetHashParam
CryptHashData
RevertToSelf
ReportEventW
RegQueryInfoKeyW
RegOpenKeyExW
RegFlushKey
RegEnumValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenServiceW
OpenSCManagerW
OpenProcessToken
LsaQueryInformationPolicy
LsaOpenPolicy
RegOpenKeyW
LsaClose
LsaAddAccountRights
LookupAccountNameW
LogonUserW
IsValidSid
ImpersonateLoggedOnUser
GetUserNameW
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
GetSecurityDescriptorOwner
GetLengthSid
GetFileSecurityW
FreeSid
EnumServicesStatusW
DeleteService
CryptSignHashW
CryptReleaseContext

shell32

SHChangeNotify
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW
FindExecutableW

ole32

CLSIDFromString
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID

Sections

.text
Size: 1003KB - Virtual size: 1003KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 747KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04c68d152aa68f67160717dc6c6fdf82

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 1003KB - Virtual size: 1003KB

.rdata Size: 149KB - Virtual size: 149KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 40KB - Virtual size: 747KB

.text
Size: 1003KB - Virtual size: 1003KB

.rdata
Size: 149KB - Virtual size: 149KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 40KB - Virtual size: 747KB