5f212d7ab7b738bb16a8daf73c9c9407_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f212d7ab7b738bb16a8daf73c9c9407_JaffaCakes118
Size

182KB
MD5

5f212d7ab7b738bb16a8daf73c9c9407
SHA1

bd1254fc2cb9b3a5347b4ff29fcdbefc24b4ac14
SHA256

816ce1793081be0e018a8e69f2cf6ac561668bb9fe98d534a27add3f5d39740f
SHA512

d5e8dd825b4f39fbf13fb2b912205e259fe3e2b66084cd69843e8eb47158e3fa176de91bf8733894964c1ef1f6cdf1df311b8d5aeb2347f465d6bad063adf428
SSDEEP

3072:zLhSuhoOGFNShJSO8uPacCLnTZspEmGk+7U7i2JsLM45B:ifeJSTuPWzF2ErIVSD5B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f212d7ab7b738bb16a8daf73c9c9407_JaffaCakes118

Files

5f212d7ab7b738bb16a8daf73c9c9407_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf846504c8b15a28e3ca79bbd6b0a87a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreatePolyPolygonRgn
GetViewportOrgEx
CreateICW
SetMiterLimit
SetWorldTransform
GetGraphicsMode
Escape
RestoreDC
DeleteObject
GetStockObject
CreatePatternBrush
GetRegionData
LineTo
ModifyWorldTransform
ExtSelectClipRgn
CreateDCW
SetBrushOrgEx
SelectObject
CreateBitmap
AbortDoc
ExtEscape
ResetDCW
CreatePalette
CreateRectRgn
BitBlt
FillPath
GetObjectA
StartPage
PolylineTo
SelectClipPath
PolyBezierTo
CloseFigure
StretchBlt
GetClipBox
EndDoc
OffsetRgn
IntersectClipRect
PatBlt
CreateCompatibleBitmap
SetStretchBltMode
StrokePath
SaveDC
SetROP2
SetPolyFillMode
GetCurrentObject
StartDocW
GetWorldTransform
CombineRgn
GetRgnBox
EqualRgn
ExtCreatePen
DeleteDC
MoveToEx
SelectClipRgn
SetDIBits
CreateBrushIndirect
RealizePalette
SelectPalette
EndPath
GetDIBColorTable
CreateCompatibleDC
BeginPath
CreateDIBSection
EndPage
SetGraphicsMode
Rectangle
GetDeviceCaps
StretchDIBits
PolyDraw

msimg32

AlphaBlend

ole32

CoUninitialize
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
OleInitialize
CoGetProcessIdentifier
CoInitialize
CoGetClassObject
OleUninitialize
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CLSIDFromString

user32

CharNextW
MonitorFromWindow
CreateWindowExA
LoadCursorA
GetDC
GetMonitorInfoA
RegisterClassA
GetClientRect
GetDesktopWindow
ReleaseDC
ScrollWindowEx
DefWindowProcA
OffsetRect
GetWindowRect
GetSystemMetrics
SetWindowPos
WindowFromDC
LoadIconA
MonitorFromPoint
EnumDisplayMonitors
GetActiveWindow
SetActiveWindow
DestroyWindow
UnregisterClassA

kernel32

WideCharToMultiByte
lstrcmpW
GetProfileStringW
DeleteFileW
GetSystemDefaultLCID
QueryPerformanceCounter
LeaveCriticalSection
GetCurrentThreadId
GetCurrentProcess
GetCalendarInfoW
GetUserDefaultLangID
ReleaseSemaphore
SetCurrentDirectoryA
GetTempPathW
GetEnvironmentVariableW
GlobalUnlock
GetLocalTime
GetDateFormatA
DeleteCriticalSection
GlobalAlloc
InterlockedCompareExchange
GetCurrentThread
Sleep
FindClose
WaitForSingleObject
GetWindowsDirectoryA
GetACP
ReadFile
CreateSemaphoreA
GetModuleHandleA
IsProcessorFeaturePresent
FindFirstFileA
GetLastError
GetFileTime
GetLocaleInfoA
ReleaseMutex
SetThreadPriority
LocalAlloc
GetSystemTimeAsFileTime
lstrlenW
GetSystemDirectoryA
GetTimeFormatA
GetCurrentDirectoryA
EnumResourceNamesA
TlsFree
InterlockedExchange
GetThreadLocale
GetTickCount
GlobalFree
GetModuleFileNameA
InitializeCriticalSection
FindNextFileA
CreateFileA
GetFileSize
GetDateFormatW
SetUnhandledExceptionFilter
GetTimeFormatW
IsDebuggerPresent
TlsSetValue
ExitProcess
EnterCriticalSection
CloseHandle
GetCurrentProcessId
FreeLibrary
TlsGetValue
InterlockedIncrement
GetVersionExA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
TerminateProcess
GetSystemInfo
CreateMutexA
GetThreadPriority
GlobalSize
GlobalLock
UnhandledExceptionFilter
RaiseException

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

shlwapi

PathRemoveFileSpecA
PathAppendA

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf846504c8b15a28e3ca79bbd6b0a87a

Headers

File Characteristics

Imports

gdi32

msimg32

ole32

user32

kernel32

advapi32

shlwapi

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 240KB