a8591f4f65afdc0c0e299b1419c51830_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a8591f4f65afdc0c0e299b1419c51830_JaffaCakes118
Size

167KB
MD5

a8591f4f65afdc0c0e299b1419c51830
SHA1

030986f56004aa5156cbee16aee28499e89a0568
SHA256

c5600896319471796b7092083a134eb8b655e0f55c15b830cb0fd513d66b09fb
SHA512

f66dad12af0752d53b4d3c4d391e23e71b95ef7384fd9bdd969c24a79b074cac0ae355f0ee349108ac0c1574507349c059fdf8f142bebb9feebef15dfd3273fa
SSDEEP

3072:PxjRRHINChSLLQKKcq4BjctRtthHbaL0i4PPN8H8aJFYnz:P/RoASHKuVchbaLj4P1mFYz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8591f4f65afdc0c0e299b1419c51830_JaffaCakes118

Files

a8591f4f65afdc0c0e299b1419c51830_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b38a9eeaa3060186399520951e048248

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegOpenKeyExW
RegSetValueW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW

ole32

CoInitialize
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoCreateInstance

user32

SetParent
GetParent
UnionRect
GetDesktopWindow
SetRectEmpty
GetFocus
SetWindowPos
ClipCursor
TranslateMessage
CreatePopupMenu
ReleaseDC
EqualRect
CloseClipboard
SetCursor
GetClientRect
SetRect
TrackPopupMenuEx
EmptyClipboard
FillRect
OffsetRect
InvalidateRect
DestroyMenu
GetWindowRect
OpenClipboard
SetClipboardData
GetClipboardData
SendMessageW
RedrawWindow
CopyRect
GetDC
UpdateWindow
SetCapture
IsWindow
EnableWindow
ClientToScreen
wsprintfW
IntersectRect
IsRectEmpty
LoadCursorW
GetKeyState
PtInRect
ReleaseCapture
ScreenToClient

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

msimg32

AlphaBlend
TransparentBlt

kernel32

Sleep
ClearCommBreak
FindFirstFileW
LoadLibraryW
QueryPerformanceCounter
SetFileAttributesW
lstrlenA
MultiByteToWideChar
GetSystemTimeAsFileTime
FindClose
GetCurrentThreadId
CreateDirectoryW
GetModuleFileNameW
GetFullPathNameW
CreateFileW
RemoveDirectoryW
ExitProcess
GetLocaleInfoA
ClearCommBreak
LocalAlloc
WideCharToMultiByte
DeleteCriticalSection
GetVersionExA
FreeLibrary
GetModuleFileNameA
InterlockedIncrement
EnumResourceNamesW
GlobalUnlock
EnterCriticalSection
GetTempFileNameW
lstrlenW
GlobalLock
GetVersionExW
GlobalAlloc
ExitProcess
LocalFree
DisableThreadLibraryCalls
GetProcAddress
GetTickCount
FindNextFileW
InitializeCriticalSection
InterlockedDecrement
CloseHandle
LeaveCriticalSection
GetCurrentProcessId
InterlockedExchange
GetTempPathW
OutputDebugStringW
DeleteFileW
GetACP
GetThreadLocale
GetLastError
ReadFile
CopyFileW
GetFileAttributesExW

shell32

SHGetSpecialFolderPathW
DragQueryFileW

gdiplus

GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDisposeImage

winmm

timeGetTime

shlwapi

PathRemoveFileSpecW
PathIsDirectoryW
PathAddBackslashW
PathIsRelativeW
PathRenameExtensionW
PathCombineW
PathAppendW
PathRemoveBackslashW
PathFileExistsW

gdi32

CreateSolidBrush
MoveToEx
ExtCreatePen
CreateDIBSection
CreateCompatibleDC
LineTo
GetDeviceCaps
DeleteDC
BeginPath
GetObjectType
Polyline
SetBkMode
BitBlt
SetROP2
StrokePath
StretchBlt
CreateBitmap
EndPath
PtInRegion
CreateFontIndirectW
CreatePen
CreatePolygonRgn
SetStretchBltMode
CreateCompatibleBitmap
DeleteObject
SelectObject
GetBitmapBits
CreateDCW
InvertRgn
GetObjectW

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b38a9eeaa3060186399520951e048248

Headers

File Characteristics

Imports

advapi32

ole32

user32

comctl32

msimg32

kernel32

shell32

gdiplus

winmm

shlwapi

gdi32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 40KB - Virtual size: 39KB

.rsr Size: 512B - Virtual size: 64KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 39KB

.rsr
Size: 512B - Virtual size: 64KB