16859e703c371e1a02aa950d0827ef65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16859e703c371e1a02aa950d0827ef65_JaffaCakes118
Size

189KB
MD5

16859e703c371e1a02aa950d0827ef65
SHA1

73ec6a9c41cff1c46db78365343feff74ed95f56
SHA256

95cfdf94dab620b04212664bd04843148ad93949ae7e5242793e61d70c0efb87
SHA512

7278bf42dfc42dcd95a871d9652fee3b1a2e394259a72764997186d1aefcd921d83d187251019337189a0ba822a45560fa4a42fb33a7fabd80b3e551d47edafd
SSDEEP

3072:DtPEWwqPOOmeaqpO6jf3z2DXPWIqrkf9YCC3QP6u8WSpQ633:D5EWwqJmupZ/z2DOIIkebu8WyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16859e703c371e1a02aa950d0827ef65_JaffaCakes118

Files

16859e703c371e1a02aa950d0827ef65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a960193f8e75fbb7708c10929ecc7ed7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

gdi32

PatBlt
GetRegionData
SelectObject
IntersectClipRect
ExtCreatePen
EndDoc
ResetDCW
CreateBrushIndirect
DeleteObject
BeginPath
SetROP2
GetStockObject
SetDIBits
EndPath
CreateCompatibleBitmap
CreatePolyPolygonRgn
Escape
AbortDoc
StartDocW
CreateICW
ExtEscape
CloseFigure
BitBlt
SetBrushOrgEx
CreateCompatibleDC
GetWorldTransform
RealizePalette
SelectClipPath
EndPage
GetDeviceCaps
CreateBitmap
GetDIBColorTable
StartPage
FillPath
SetGraphicsMode
StretchDIBits
SelectPalette
LineTo
CombineRgn
PolyBezierTo
DeleteDC
StretchBlt
SaveDC
CreateRectRgn
MoveToEx
SetStretchBltMode
GetRgnBox
ModifyWorldTransform
CreatePalette
GetGraphicsMode
EqualRgn
SetPolyFillMode
SetWorldTransform
GetObjectA
GetClipBox
CreatePatternBrush
CreateDIBSection
ExtSelectClipRgn
SelectClipRgn
GetViewportOrgEx
CreateDCW
PolylineTo
RestoreDC
Rectangle
GetCurrentObject
SetMiterLimit
OffsetRgn
StrokePath
PolyDraw

user32

GetSystemMetrics
GetMonitorInfoA
ReleaseDC
MonitorFromWindow
GetClientRect
SetActiveWindow
CreateWindowExA
EnumDisplayMonitors
DestroyWindow
MonitorFromPoint
OffsetRect
ScrollWindowEx
CharNextW
DefWindowProcA
GetActiveWindow
GetDC
GetWindowRect
SetWindowPos
GetDesktopWindow
WindowFromDC
RegisterClassA
LoadCursorA
LoadIconA
UnregisterClassA

shlwapi

PathRemoveFileSpecA
PathAppendA

ole32

OleIsCurrentClipboard
OleUninitialize
StgOpenStorageOnILockBytes
CoTaskMemFree
CoGetProcessIdentifier
CoRegisterMessageFilter
CoUninitialize
OleFlushClipboard
CoTaskMemAlloc
CoCreateInstance
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoInitialize
CoRevokeClassObject
CoGetClassObject
CLSIDFromProgID
CoFreeUnusedLibraries
CLSIDFromString

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
GetCalendarInfoW
InterlockedIncrement
GetTempPathW
GetSystemDefaultLCID
GetUserDefaultLangID
EnterCriticalSection
GetCurrentProcess
lstrcmpW
GetLocalTime
ReleaseSemaphore
GetProcAddress
UnhandledExceptionFilter
TlsSetValue
GetProfileStringW
CreateMutexA
FindNextFileA
GetLocaleInfoA
GetTimeFormatW
GetThreadPriority
lstrlenW
DeleteCriticalSection
TlsGetValue
LocalAlloc
GetThreadLocale
Sleep
WideCharToMultiByte
GetVersionExA
GlobalFree
SetUnhandledExceptionFilter
FreeLibrary
GetModuleHandleA
LeaveCriticalSection
EnumResourceNamesA
MultiByteToWideChar
GlobalLock
CreateFileA
GetCurrentThread
GetLastError
WaitForSingleObject
CreateSemaphoreA
GetEnvironmentVariableW
GetSystemInfo
GetFileSize
ExitProcess
FindClose
GlobalSize
GetACP
TlsFree
IsProcessorFeaturePresent
DeleteFileW
GetTimeFormatA
GetDateFormatA
GlobalUnlock
InitializeCriticalSection
GetFileTime
GetCurrentDirectoryA
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentProcessId
LoadLibraryA
SetThreadPriority
InterlockedExchange
GetWindowsDirectoryA
GlobalAlloc
ReleaseMutex
GetSystemTimeAsFileTime
GetModuleFileNameA
QueryPerformanceCounter
IsDebuggerPresent
GetDateFormatW
GetTickCount
TerminateProcess
InterlockedCompareExchange
ReadFile
FindFirstFileA
GetCurrentThreadId
RaiseException

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a960193f8e75fbb7708c10929ecc7ed7

Headers

File Characteristics

Imports

msimg32

gdi32

user32

shlwapi

ole32

advapi32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 73KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 60KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 73KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 60KB