6671365acfe76488a09bd0edce7e6e99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6671365acfe76488a09bd0edce7e6e99_JaffaCakes118
Size

182KB
MD5

6671365acfe76488a09bd0edce7e6e99
SHA1

58f13b85258bf9fd945f8bfaeb5a72931a82391d
SHA256

2593b936f22ea69bca66de91e8942636ae4c6ec9314073637f2bb8928233bd3f
SHA512

7da21821a0a6a6a076fa371a2069b4e7daf92607f0d0296faa1633d5df0c03d9b64e4b5e509063168a804cf191544a300738af6a49a54dbd50e662a07c861319
SSDEEP

3072:rAadN/ksTcUy9kyDB15/QlCfvD0FTAidXz7E1nmUIjTUZtweCQEVnSGd7jUAj+qh:n9ksfyyyF1alCzuT3dDymUugHwzVJdSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6671365acfe76488a09bd0edce7e6e99_JaffaCakes118

Files

6671365acfe76488a09bd0edce7e6e99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15ec29324693298c296a6e9d1e530c93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

user32

DestroyWindow
GetSystemMetrics
LoadIconA
EnumDisplayMonitors
RegisterClassA
GetClientRect
GetWindowRect
SetActiveWindow
CreateWindowExA
MonitorFromWindow
OffsetRect
MonitorFromPoint
CharNextW
GetDesktopWindow
ReleaseDC
ScrollWindowEx
WindowFromDC
LoadCursorA
SetWindowPos
GetActiveWindow
DefWindowProcA
GetMonitorInfoA
GetDC
UnregisterClassA

ole32

StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CoRetireServer
CLSIDFromProgID
CoRevokeClassObject
CoCreateInstance
OleFlushClipboard
CoGetClassObject
OleIsCurrentClipboard
CoUninitialize
StgCreateDocfileOnILockBytes
CoInitialize
OleUninitialize
CoRegisterMessageFilter
OleInitialize
CLSIDFromString

gdi32

GetGraphicsMode
GetDIBColorTable
ExtCreatePen
CreateCompatibleDC
PatBlt
DeleteDC
StartDocW
GetRgnBox
SelectPalette
StrokePath
RealizePalette
SelectClipPath
RestoreDC
StartPage
CreateBrushIndirect
CreateBitmap
SelectObject
SetGraphicsMode
GetDeviceCaps
CreateDIBSection
CreateRectRgn
StretchDIBits
CombineRgn
SetStretchBltMode
BitBlt
SelectClipRgn
CreatePatternBrush
EndDoc
StretchBlt
SetBrushOrgEx
CreatePalette
DeleteObject
CreateDCW
CloseFigure
ModifyWorldTransform
PolyBezierTo
GetStockObject
LineTo
CreateCompatibleBitmap
GetObjectA
SetROP2
CreatePolyPolygonRgn
AbortDoc
SaveDC
SetMiterLimit
FillPath
BeginPath
SetPolyFillMode
ExtSelectClipRgn
SetDIBits
GetWorldTransform
GetClipBox
ResetDCW
Rectangle
SetWorldTransform
EqualRgn
EndPage
IntersectClipRect
CreateICW
GetCurrentObject
EndPath
GetViewportOrgEx
Escape
PolylineTo
OffsetRgn
MoveToEx
GetRegionData
ExtEscape
PolyDraw

msimg32

AlphaBlend

shlwapi

PathRemoveFileSpecA
PathAppendA

kernel32

ReleaseMutex
InterlockedExchange
QueryPerformanceCounter
TlsGetValue
lstrlenW
CreateSemaphoreA
SetCurrentDirectoryA
FreeLibrary
GetCalendarInfoW
GlobalSize
GetLocaleInfoA
IsDebuggerPresent
GetEnvironmentVariableW
GetModuleFileNameA
GetACP
GetModuleHandleA
GetCurrentDirectoryA
GetThreadLocale
DeleteFileW
SetThreadPriority
CreateFileA
UnhandledExceptionFilter
GetLocalTime
GlobalLock
EnterCriticalSection
GetFileTime
GetSystemInfo
CloseHandle
DeleteCriticalSection
GetUserDefaultLangID
GetTempPathW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WideCharToMultiByte
Sleep
lstrcmpW
EnumResourceNamesA
FindFirstFileA
CreateMutexA
InterlockedCompareExchange
GlobalFree
GlobalAlloc
GetProfileStringW
GetCurrentProcessId
GetTimeFormatW
LocalAlloc
ExitProcess
GetSystemDefaultLCID
GetCurrentThreadId
FindClose
InitializeCriticalSection
WaitForSingleObject
GlobalUnlock
GetCurrentThread
GetSystemDirectoryA
GetFileSize
TlsSetValue
GetCurrentProcess
GetDateFormatA
GetDateFormatW
GetWindowsDirectoryA
FindNextFileA
GetProcAddress
ReadFile
IsProcessorFeaturePresent
GetVersionExA
TlsFree
LoadLibraryA
LeaveCriticalSection
GetTimeFormatA
GetThreadPriority
MultiByteToWideChar
GetLastError
ReleaseSemaphore
InterlockedIncrement
GetTickCount
TerminateProcess
RaiseException

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15ec29324693298c296a6e9d1e530c93

Headers

File Characteristics

Imports

advapi32

user32

ole32

gdi32

msimg32

shlwapi

kernel32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 70KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 70KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 240KB