a15541ad3fa3d8794a7af9c751fc6083_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a15541ad3fa3d8794a7af9c751fc6083_JaffaCakes118
Size

62KB
MD5

a15541ad3fa3d8794a7af9c751fc6083
SHA1

4a4500da5bcbfad4f6edc73a46035aeb8bf6c954
SHA256

b147c405e15ce9a426a8043d5934d479806765150373a2c8612b102a98133a60
SHA512

3127c777e3bbac85b6101e87153a62358680b8162e2153219cf48b13ab9434bb4cf9b31ba2c46e1b4dbc26ffa961c10a05b12a8970af920ead14b6fb563e3436
SSDEEP

1536:vE+D9NZWxoo94I8n+S0LMVF8Nzzn4GwWbyon:fvZWuo94I4z02F8Nvzn5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a15541ad3fa3d8794a7af9c751fc6083_JaffaCakes118

Files

a15541ad3fa3d8794a7af9c751fc6083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

287ba6224e2d99860b14de890fc1f9cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GetAtomNameW
GetLastError
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapSetInformation
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleW
Sleep
MulDiv
GetTickCount
ExitProcess

user32

CreateWindowExW
RegisterClassW
SystemParametersInfoW
LoadImageW
RegisterShellHookWindow
MonitorFromPoint
SetRect
GetSystemMetrics
CopyRect
GetParent
GetWindowThreadProcessId
GetForegroundWindow
EqualRect
UnionRect
MapWindowPoints
GetClientRect
GetWindowLongW
GetGUIThreadInfo
InternalGetWindowText
SendMessageTimeoutW
IsWindowVisible
IsZoomed
IsIconic
GetWindow
GetWindowInfo
InflateRect
GetWindowRgn
IntersectRect
PrintWindow
EnumThreadWindows
GetSysColorBrush
LoadCursorW
PostQuitMessage
DefWindowProcW
DestroyWindow
SetTimer
GetLastInputInfo
SetWindowRgn
SetWindowPos
InvalidateRect
UpdateWindow
FindWindowW
MessageBoxW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyIcon
DeregisterShellHookWindow
KillTimer
AnimateWindow
ShowWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
OffsetRect
IsWindow
RegisterWindowMessageW

gdi32

GetRegionData
ExtCreateRegion
GetRgnBox
CombineRgn
CreateRectRgn
CreateFontIndirectW
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

ole32

CoInitialize
CoUninitialize

gdiplus

GdipFlush
GdipGetRegionHRgn
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipCreateFromHWND
GdipDrawImageI
GdiplusShutdown
GdiplusStartup
GdipDisposeImage
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCloneImage
GdipDeleteRegion
GdipSetEmpty
GdipCombineRegionRegion
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipDrawImageRectI
GdipSetClipHrgn
GdipResetClip
GdipCreateRegion
GdipCreateRegionRectI
GdipCreateRegionHrgn
GdipGetDC
GdipReleaseDC
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipAlloc
GdipFree

vtthooks

?InstallHooks@@YG_NPAUHWND__@@@Z
?LockShare@@YG_NXZ
?share@@3PAUHooksShareData@@A
?UninstallHooks@@YG_NXZ
?UnlockShare@@YGXXZ

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

287ba6224e2d99860b14de890fc1f9cb

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

ole32

gdiplus

vtthooks

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 456B

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 28KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 456B

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 28KB - Virtual size: 29KB