63d00feb8a0da7703058eca9907d5300_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63d00feb8a0da7703058eca9907d5300_JaffaCakes118
Size

154KB
MD5

63d00feb8a0da7703058eca9907d5300
SHA1

2a4a8b603e7e7b4f0ff8a32821ae56c7992dc0ea
SHA256

d2355cd61cd442b956afe750fb580c021bed83a9519603d4bc5eeff6a4966df7
SHA512

4faa44c77a99f1c4f7b74ea8d54309020902ad48dfb71444c16a32b4214516d6ef6a550d052a5d722322c57658ff9ff8a2caf55b1f2b6a00da167e9898f5f9c7
SSDEEP

3072:V6UTUh96tu+LkK2U+JVBtQstryoOiyCJ+ham:V6u0Utu+LQUS/OoPyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63d00feb8a0da7703058eca9907d5300_JaffaCakes118

Files

63d00feb8a0da7703058eca9907d5300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

181557cceedef0ad18c06f163ee29f29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
DeleteObject
InvertRgn
CreateSolidBrush
LineTo
SetStretchBltMode
PtInRegion
ExtCreatePen
StrokePath
CreateDCW
BitBlt
Polyline
GetObjectType
SetBkMode
GetBitmapBits
CreatePen
DeleteDC
EndPath
CreateDIBSection
SetROP2
CreateCompatibleBitmap
CreateBitmap
BeginPath
StretchBlt
CreateFontIndirectW
GetDeviceCaps
MoveToEx
CreatePolygonRgn
CreateCompatibleDC
GetObjectW

advapi32

RegSetValueW
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegEnumKeyExW

ole32

CoInitialize
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance

shell32

SHGetSpecialFolderPathW
DragQueryFileW

kernel32

ClearCommBreak
InterlockedExchange
Sleep
GetCurrentProcessId
GetVersionExW
LocalFree
GetModuleFileNameW
CreateDirectoryW
GetLastError
CloseHandle
ExitProcess
OutputDebugStringW
GetModuleFileNameA
ClearCommBreak
GetLocaleInfoA
EnterCriticalSection
InterlockedDecrement
QueryPerformanceCounter
DisableThreadLibraryCalls
InitializeCriticalSection
WideCharToMultiByte
GetTickCount
GetTempPathW
EnumResourceNamesW
GetThreadLocale
GetACP
FindFirstFileW
RemoveDirectoryW
LoadLibraryW
GetSystemTimeAsFileTime
GetFullPathNameW
GetProcAddress
GlobalLock
MultiByteToWideChar
CopyFileW
GetCurrentThreadId
DeleteFileW
lstrlenA
InterlockedIncrement
ExitProcess
LeaveCriticalSection
CreateFileW
FreeLibrary
GlobalAlloc
GetTempFileNameW
SetFileAttributesW
FindClose
LocalAlloc
FindNextFileW
DeleteCriticalSection
ReadFile
GetVersionExA
lstrlenW
GlobalUnlock
GetFileAttributesExW

user32

EmptyClipboard
GetWindowRect
ReleaseCapture
EqualRect
SetParent
RedrawWindow
SendMessageW
CloseClipboard
IsWindow
OpenClipboard
DestroyMenu
UnionRect
EnableWindow
GetClipboardData
ReleaseDC
SetRect
GetDesktopWindow
IntersectRect
SetCapture
SetClipboardData
SetCursor
TrackPopupMenuEx
CopyRect
InvalidateRect
GetFocus
UpdateWindow
PtInRect
OffsetRect
CreatePopupMenu
FillRect
GetClientRect
IsRectEmpty
SetWindowPos
wsprintfW
LoadCursorW
ClipCursor
SetRectEmpty
GetKeyState
ClientToScreen
GetDC
TranslateMessage
GetParent
ScreenToClient

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

winmm

timeGetTime

gdiplus

GdipGetImageWidth
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImagePixelFormat
GdipDisposeImage

shlwapi

PathAppendW
PathRemoveFileSpecW
PathIsDirectoryW
PathIsRelativeW
PathCombineW
PathRemoveBackslashW
PathAddBackslashW
PathRenameExtensionW
PathFileExistsW

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

181557cceedef0ad18c06f163ee29f29

Headers

File Characteristics

Imports

gdi32

advapi32

ole32

shell32

kernel32

user32

msimg32

comctl32

winmm

gdiplus

shlwapi

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 34KB - Virtual size: 34KB

.rsr Size: 512B - Virtual size: 200KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 34KB - Virtual size: 34KB

.rsr
Size: 512B - Virtual size: 200KB