b0076a631b2ef224535f98274b8231e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0076a631b2ef224535f98274b8231e6_JaffaCakes118
Size

187KB
MD5

b0076a631b2ef224535f98274b8231e6
SHA1

616a9427eacd4eb65c55103f8a16ba773d68dd7d
SHA256

a594fb6028f9835e6fcb9d09e57de2836e78b1ed2ae963293e94bec5b8f0d9b8
SHA512

d222e13af43f6ae2627bc601fa9404ca5ac86bdd9c41c493b06b73485b8c7403bbe8dbee09746416b0be40e0a7310152ad03aaf96f8cf4d72dbf400b8c4eb20e
SSDEEP

3072:jc/NAm/PF74riKg+K28FEJmCWSaMTxotw5JvfEhlXgTrV04mGhXzVUnW:j6NHabK28tCiMTxZJ3iXgy49hXiW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0076a631b2ef224535f98274b8231e6_JaffaCakes118

Files

b0076a631b2ef224535f98274b8231e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6039f58efd5a9291d7bc81e1adc6bbf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MonitorFromWindow
LoadIconA
GetActiveWindow
DefWindowProcA
ScrollWindowEx
SetActiveWindow
EnumDisplayMonitors
DestroyWindow
GetMonitorInfoA
GetDC
GetWindowRect
GetDesktopWindow
CreateWindowExA
CharNextW
LoadCursorA
MonitorFromPoint
SetWindowPos
OffsetRect
RegisterClassA
ReleaseDC
GetClientRect
WindowFromDC
GetSystemMetrics
UnregisterClassA

kernel32

TlsSetValue
FindClose
GetModuleFileNameA
InterlockedCompareExchange
GetCurrentThread
GetACP
GetCalendarInfoW
DeleteFileW
WideCharToMultiByte
Sleep
CreateSemaphoreA
GetModuleHandleA
lstrlenW
DeleteCriticalSection
GetTimeFormatA
GlobalAlloc
UnhandledExceptionFilter
GetFileSize
IsDebuggerPresent
GetCurrentProcess
GetTimeFormatW
GetProcAddress
GetEnvironmentVariableW
ReadFile
GetLastError
GlobalFree
GetProfileStringW
GetTickCount
lstrcmpW
EnterCriticalSection
GetCurrentProcessId
GetTempPathW
LeaveCriticalSection
GetVersionExA
FindFirstFileA
GlobalUnlock
EnumResourceNamesA
TerminateProcess
ReleaseSemaphore
CreateFileA
ExitProcess
TlsFree
GetWindowsDirectoryA
InterlockedIncrement
GetSystemTimeAsFileTime
WaitForSingleObject
InterlockedExchange
GetSystemDirectoryA
GetSystemInfo
SetThreadPriority
GetDateFormatW
GetLocaleInfoA
GlobalLock
InitializeCriticalSection
LocalAlloc
SetUnhandledExceptionFilter
CloseHandle
ReleaseMutex
GetLocalTime
GetUserDefaultLangID
FreeLibrary
GetThreadLocale
GetFileTime
SetCurrentDirectoryA
GetCurrentThreadId
FindNextFileA
LoadLibraryA
GetCurrentDirectoryA
MultiByteToWideChar
GetDateFormatA
GlobalSize
CreateMutexA
GetThreadPriority
TlsGetValue
IsProcessorFeaturePresent
GetSystemDefaultLCID
QueryPerformanceCounter
RaiseException

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

gdi32

PolylineTo
BitBlt
SetWorldTransform
FillPath
CombineRgn
StrokePath
ExtCreatePen
AbortDoc
DeleteObject
GetCurrentObject
EndPage
SelectClipRgn
ResetDCW
GetClipBox
EqualRgn
StretchBlt
StartDocW
CreateDIBSection
SelectClipPath
PolyBezierTo
GetDIBColorTable
GetWorldTransform
EndPath
SelectObject
SetGraphicsMode
SetStretchBltMode
CloseFigure
CreateCompatibleBitmap
StartPage
GetRegionData
CreateCompatibleDC
SetMiterLimit
Escape
ExtSelectClipRgn
SetBrushOrgEx
ExtEscape
RestoreDC
PatBlt
DeleteDC
SetROP2
IntersectClipRect
GetViewportOrgEx
GetStockObject
OffsetRgn
CreateBrushIndirect
StretchDIBits
GetGraphicsMode
SelectPalette
CreateBitmap
LineTo
CreatePatternBrush
ModifyWorldTransform
RealizePalette
CreatePalette
EndDoc
GetDeviceCaps
GetObjectA
MoveToEx
CreateRectRgn
Rectangle
CreateDCW
BeginPath
GetRgnBox
CreatePolyPolygonRgn
SetPolyFillMode
SaveDC
CreateICW
SetDIBits
PolyDraw

shlwapi

PathRemoveFileSpecA
PathAppendA

msimg32

AlphaBlend

ole32

CoTaskMemFree
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoCreateInstance
CoInitialize
CLSIDFromProgID
CoGetProcessIdentifier
CoGetClassObject
OleIsCurrentClipboard
CoRevokeClassObject
OleUninitialize
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoTaskMemAlloc
CLSIDFromString

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6039f58efd5a9291d7bc81e1adc6bbf8

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

shlwapi

msimg32

ole32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 73KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 73KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 244KB