be7cad7038b36b5a46daab809a7af6c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be7cad7038b36b5a46daab809a7af6c6_JaffaCakes118
Size

173KB
MD5

be7cad7038b36b5a46daab809a7af6c6
SHA1

4cff4adcfda0acb06a1fd893435f7fae28e89a40
SHA256

1caad894abf076933695f32d0094d1fc8a4e44cf70c3ff597e0f475148924bbe
SHA512

db561b3a048df03a51d68e42bd7b98436144541912b05465d8fe777c676e96adb159aa7ad8f8de5e912ed0a40b78a603979ad50e5e04a8bb6d7171031db3f567
SSDEEP

3072:h/ufhDFdxqXxdiQBJRIViOw2FWqnwb5e038hZhWF:h/uZRdAX7JB/IkOwNqncey8hZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be7cad7038b36b5a46daab809a7af6c6_JaffaCakes118

Files

be7cad7038b36b5a46daab809a7af6c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1b508154afb27e5ca84d2b90f85cea9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

kernel32

CloseHandle
InterlockedExchange
TlsSetValue
FindNextFileA
GetSystemDirectoryA
GetTempPathW
GetSystemDefaultLCID
SetCurrentDirectoryA
ExitProcess
GetLocalTime
Sleep
GetTimeFormatA
GetWindowsDirectoryA
GetCalendarInfoW
GetModuleHandleA
IsProcessorFeaturePresent
SetThreadPriority
InterlockedCompareExchange
GetTimeFormatW
GetLastError
LoadLibraryA
GetUserDefaultLangID
FreeLibrary
WideCharToMultiByte
CreateFileA
GetCurrentProcessId
GetACP
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
GetDateFormatW
GetModuleFileNameA
GetSystemInfo
GetProfileStringW
GetSystemTimeAsFileTime
GetEnvironmentVariableW
GetCurrentThread
WaitForSingleObject
GetTickCount
CreateSemaphoreA
GetFileSize
IsDebuggerPresent
UnhandledExceptionFilter
GetLocaleInfoA
InterlockedIncrement
EnumResourceNamesA
GetProcAddress
TlsGetValue
lstrcmpW
FindClose
lstrlenW
ReadFile
GetCurrentProcess
FindFirstFileA
QueryPerformanceCounter
GlobalLock
GlobalSize
DeleteFileW
InitializeCriticalSection
GetCurrentDirectoryA
GlobalUnlock
GlobalAlloc
LocalAlloc
CreateMutexA
DeleteCriticalSection
GetCurrentThreadId
ReleaseSemaphore
GlobalFree
TerminateProcess
TlsFree
GetThreadPriority
ReleaseMutex
MultiByteToWideChar
GetFileTime
GetVersionExA
GetThreadLocale
GetDateFormatA
RaiseException

shlwapi

PathRemoveFileSpecA
PathAppendA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
OleIsCurrentClipboard
CoGetProcessIdentifier
CoTaskMemAlloc
CLSIDFromProgID
OleFlushClipboard
OleUninitialize
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject
CoGetClassObject
OleInitialize
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoCreateInstance
CLSIDFromString

gdi32

StrokePath
StretchDIBits
SelectClipRgn
EqualRgn
GetGraphicsMode
FillPath
OffsetRgn
GetViewportOrgEx
PatBlt
SetGraphicsMode
PolyBezierTo
SetMiterLimit
SetBrushOrgEx
ExtSelectClipRgn
RealizePalette
ModifyWorldTransform
CreatePalette
GetWorldTransform
SaveDC
ExtCreatePen
CreateBrushIndirect
SetDIBits
GetClipBox
BitBlt
BeginPath
SetROP2
EndPage
CreatePolyPolygonRgn
DeleteObject
SelectObject
GetStockObject
GetDIBColorTable
GetObjectA
SetPolyFillMode
StartPage
GetCurrentObject
Rectangle
StartDocW
CreateCompatibleDC
SetStretchBltMode
GetRgnBox
CreateDIBSection
CreateRectRgn
GetDeviceCaps
EndPath
DeleteDC
CreatePatternBrush
IntersectClipRect
SelectPalette
CreateCompatibleBitmap
CombineRgn
ExtEscape
LineTo
GetRegionData
MoveToEx
EndDoc
CreateICW
ResetDCW
PolylineTo
SelectClipPath
SetWorldTransform
StretchBlt
CloseFigure
Escape
RestoreDC
AbortDoc
CreateBitmap
CreateDCW
PolyDraw

user32

GetWindowRect
GetClientRect
OffsetRect
SetActiveWindow
CharNextW
MonitorFromWindow
ReleaseDC
DefWindowProcA
EnumDisplayMonitors
LoadCursorA
ScrollWindowEx
GetSystemMetrics
GetDC
DestroyWindow
MonitorFromPoint
GetDesktopWindow
RegisterClassA
GetActiveWindow
CreateWindowExA
SetWindowPos
LoadIconA
WindowFromDC
GetMonitorInfoA
UnregisterClassA

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1b508154afb27e5ca84d2b90f85cea9

Headers

File Characteristics

Imports

msimg32

kernel32

shlwapi

advapi32

ole32

gdi32

user32

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 92KB