a1f0642ae62079895858750706570f75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1f0642ae62079895858750706570f75_JaffaCakes118
Size

181KB
MD5

a1f0642ae62079895858750706570f75
SHA1

00db6ace431cb24cd7ab2f31ac8c5602a78f9a81
SHA256

2d8b7874441dbf52bab4107c336fdef1304573e3aa240651d43515cf236dceb5
SHA512

62ddef74e94380de09588f5837bec07c67ba4dc3d2ca0ce01041a31b2f462b4a171430f5f5ce039f649830225e58e9c152ed49a31298b5d5112d5acc0b196e20
SSDEEP

3072:UxxgfWTrunfTmYGQo/k2RNTck9PkhdpHGgB17lHubrYpihGVBPafRfV:ULv0T/G7/pgkpkhVBruopihcBSf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1f0642ae62079895858750706570f75_JaffaCakes118

Files

a1f0642ae62079895858750706570f75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd4c5c678585b45054bb4d5cfe550a1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
GetLocalTime
GetSystemDefaultLCID
GetCurrentThreadId
SetThreadPriority
WideCharToMultiByte
GetVersionExA
GetWindowsDirectoryA
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
TlsGetValue
DeleteFileW
GetCurrentProcess
GlobalSize
GetTempPathW
CreateFileA
ExitProcess
GetDateFormatW
GetThreadLocale
InterlockedExchange
ReleaseMutex
GetFileTime
FindNextFileA
LoadLibraryA
TlsFree
GetTimeFormatW
DeleteCriticalSection
GlobalLock
MultiByteToWideChar
SetCurrentDirectoryA
GetSystemDirectoryA
FreeLibrary
IsDebuggerPresent
GetSystemInfo
GetCurrentProcessId
GlobalUnlock
CloseHandle
lstrcmpW
LocalAlloc
GetLastError
TerminateProcess
UnhandledExceptionFilter
FindClose
EnumResourceNamesA
CreateSemaphoreA
lstrlenW
GetThreadPriority
GetACP
ReleaseSemaphore
GetEnvironmentVariableW
GetDateFormatA
GetFileSize
ReadFile
GetModuleHandleA
EnterCriticalSection
GetTimeFormatA
QueryPerformanceCounter
GetModuleFileNameA
WaitForSingleObject
InitializeCriticalSection
GetLocaleInfoA
GetProfileStringW
Sleep
FindFirstFileA
InterlockedIncrement
GetCurrentThread
GlobalAlloc
GetUserDefaultLangID
TlsSetValue
GlobalFree
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentDirectoryA
GetProcAddress
LeaveCriticalSection
CreateMutexA
GetTickCount
RaiseException

msimg32

AlphaBlend

gdi32

FillPath
CreatePalette
SelectClipPath
SelectPalette
StartDocW
CreateDIBSection
GetRegionData
StrokePath
CreateBitmap
SetDIBits
PatBlt
CombineRgn
GetDIBColorTable
PolylineTo
ModifyWorldTransform
GetObjectA
StretchDIBits
IntersectClipRect
SelectClipRgn
SetGraphicsMode
ExtCreatePen
Rectangle
PolyBezierTo
GetDeviceCaps
SetMiterLimit
ResetDCW
CreateCompatibleBitmap
OffsetRgn
GetClipBox
GetViewportOrgEx
SelectObject
SetBrushOrgEx
RealizePalette
GetWorldTransform
CreateDCW
SetROP2
EqualRgn
CreateCompatibleDC
AbortDoc
DeleteObject
RestoreDC
CreatePatternBrush
EndPage
StartPage
MoveToEx
ExtSelectClipRgn
SetWorldTransform
ExtEscape
BeginPath
CreatePolyPolygonRgn
SetPolyFillMode
CreateICW
CreateBrushIndirect
DeleteDC
CreateRectRgn
GetGraphicsMode
GetStockObject
EndPath
SaveDC
LineTo
GetCurrentObject
GetRgnBox
SetStretchBltMode
Escape
EndDoc
BitBlt
CloseFigure
StretchBlt
PolyDraw

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

ole32

CoInitialize
CLSIDFromProgID
CoFreeUnusedLibraries
CoUninitialize
StgCreateDocfileOnILockBytes
CoRetireServer
CoTaskMemFree
CreateILockBytesOnHGlobal
CoCreateInstance
OleUninitialize
OleFlushClipboard
OleInitialize
CoTaskMemAlloc
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CoRevokeClassObject
CLSIDFromString

shlwapi

PathRemoveFileSpecA
PathAppendA

user32

CharNextW
ReleaseDC
LoadCursorA
WindowFromDC
SetActiveWindow
SetWindowPos
OffsetRect
GetClientRect
LoadIconA
GetSystemMetrics
DefWindowProcA
CreateWindowExA
GetWindowRect
MonitorFromPoint
ScrollWindowEx
GetMonitorInfoA
DestroyWindow
RegisterClassA
MonitorFromWindow
GetActiveWindow
GetDesktopWindow
EnumDisplayMonitors
GetDC
UnregisterClassA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd4c5c678585b45054bb4d5cfe550a1f

Headers

File Characteristics

Imports

kernel32

msimg32

gdi32

advapi32

ole32

shlwapi

user32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 73KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 73KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 244KB