a5f72e5fd014a54a2a25b0341a1231e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5f72e5fd014a54a2a25b0341a1231e7_JaffaCakes118
Size

328KB
MD5

a5f72e5fd014a54a2a25b0341a1231e7
SHA1

2018572c0f5ae19315c46887e06c477f7d612e00
SHA256

fb6f81853b2500c4a93f3a0e4d8b674577cf0ab533818733f68b055794494a54
SHA512

640abe4bb00036e15e782551d50f16c4beb3e37d571ebee28540b55540ad66cf6e0fee6dd75b298416e597c049cd8950f5c0738276a857161e764fc13174458c
SSDEEP

6144:oD40irNEaV4BSLJJ10Z8gWRyPP75z2yNYdJXrdBdDAXrwB8a6F2:J7rN74yXuWRW5z29FvNkE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5f72e5fd014a54a2a25b0341a1231e7_JaffaCakes118

Files

a5f72e5fd014a54a2a25b0341a1231e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1bc4c04bef66b84a5606ca4f3a36367

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

CreateStdAccessibleObject
LresultFromObject

urlmon

CoInternetCreateZoneManager

gdi32

GetPixel
SelectObject
BitBlt
GetTextExtentPoint32W
CombineRgn
CreateFontIndirectW
MoveToEx
DeleteObject
DeleteDC
GetCurrentObject
SetBkMode
GetClipRgn
PatBlt
CreateCompatibleBitmap
LineTo
SelectClipRgn
CreateCompatibleDC
GetBkColor
GetTextExtentPointW
TextOutW
GetStockObject
SetBkColor
CreateFontW
CreatePatternBrush
CreateBitmap
GetObjectW
Rectangle
StretchBlt
GetTextColor
CreateSolidBrush
SetLayout
CreatePen
SetTextAlign
GetDeviceCaps
SetTextColor
CreateRectRgn
IntersectClipRect

msimg32

GradientFill
TransparentBlt

shlwapi

PathAddBackslashW
SHDeleteKeyW
StrCmpIW
SHQueryValueExW
StrCmpW
PathUndecorateW
SHRegGetValueW
StrChrW
StrToIntW
PathFindFileNameW
PathAddExtensionW
PathAppendW
PathFindExtensionW
UrlCanonicalizeW
StrStrW
PathRemoveExtensionW
SHCreateStreamOnFileW
StrChrA

wininet

InternetGetCookieW
ReadUrlCacheEntryStream
HttpOpenRequestW
GetUrlCacheEntryInfoW
InternetCanonicalizeUrlW
PrivacyGetZonePreferenceW
RetrieveUrlCacheEntryStreamW
FindNextUrlCacheEntryW
DeleteUrlCacheEntryW
FindFirstUrlCacheEntryW
PrivacySetZonePreferenceW
UnlockUrlCacheEntryStream
InternetSetOptionW

ole32

OleInitialize
OleUninitialize
StringFromGUID2
CoTaskMemRealloc
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CreateStreamOnHGlobal

kernel32

GetComputerNameExA
UnhandledExceptionFilter
CreateActCtxW
QueryPerformanceCounter
ContinueDebugEvent
GetSystemTimeAsFileTime
GetUserDefaultUILanguage
VirtualAlloc
SearchPathW
InterlockedCompareExchange
ExitProcess
SetUnhandledExceptionFilter
TerminateProcess
OutputDebugStringA
GetSystemDefaultUILanguage
VirtualFree

user32

DestroyWindow
DispatchMessageW
LoadCursorW
SetCursor
GetWindowWord
SetRectEmpty
SetWindowPos
DrawTextW
OffsetRect
CreateDialogParamW
PtInRect
PeekMessageW
TranslateMessage
EnumChildWindows
ShowWindow
DestroyCursor

uxtheme

IsThemeActive

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1bc4c04bef66b84a5606ca4f3a36367

Headers

File Characteristics

Imports

oleacc

urlmon

gdi32

msimg32

shlwapi

wininet

ole32

kernel32

user32

uxtheme

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 128KB - Virtual size: 127KB

.edata Size: 5KB - Virtual size: 76KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 128KB - Virtual size: 127KB

.edata
Size: 5KB - Virtual size: 76KB