c1a2f462bac47478e9d79efacd4569cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1a2f462bac47478e9d79efacd4569cc_JaffaCakes118
Size

181KB
MD5

c1a2f462bac47478e9d79efacd4569cc
SHA1

bc260bb0e3897385b8e6276244f6b21c0515435c
SHA256

14467497e587a5db13b436305fab9393fea48a1f8384f8772ddf2c349f205055
SHA512

03c909858ed89ab5ed40ef4314f90427164c5940ca43183b3401b1f643486bee6b7f636878073e978f3c20dbc023eb29167ba75c0cf6e1794c0d3daed32e23e8
SSDEEP

3072:rmyX2sQw92aRuiteE0IXnqhZB6edI/LBiAHkdbkFu468wEWy3BXEP1q282I:rm0228aRuiM3BhZPIDBiAHk17EWqBXIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1a2f462bac47478e9d79efacd4569cc_JaffaCakes118

Files

c1a2f462bac47478e9d79efacd4569cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbdd9efba204579f173235d9938351f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

gdi32

CreateDCW
CreateCompatibleBitmap
SaveDC
OffsetRgn
Rectangle
ModifyWorldTransform
GetCurrentObject
StartDocW
EndPage
CreateCompatibleDC
Escape
CreateICW
IntersectClipRect
DeleteDC
SelectClipPath
ExtCreatePen
DeleteObject
SelectObject
SetStretchBltMode
RestoreDC
CreateBrushIndirect
GetRegionData
MoveToEx
CreateDIBSection
CombineRgn
RealizePalette
EndPath
ResetDCW
CreatePolyPolygonRgn
AbortDoc
CreatePatternBrush
SetROP2
CreateRectRgn
ExtSelectClipRgn
BitBlt
SetBrushOrgEx
EndDoc
GetStockObject
SetMiterLimit
GetRgnBox
FillPath
EqualRgn
BeginPath
StrokePath
SelectPalette
PatBlt
CloseFigure
PolyBezierTo
SetGraphicsMode
CreatePalette
PolylineTo
StretchBlt
LineTo
SetDIBits
SetWorldTransform
ExtEscape
GetClipBox
StartPage
SetPolyFillMode
CreateBitmap
SelectClipRgn
StretchDIBits
GetWorldTransform
GetViewportOrgEx
GetDeviceCaps
GetDIBColorTable
GetObjectA
GetGraphicsMode
PolyDraw

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

ole32

CoGetClassObject
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
CoFreeUnusedLibraries
CoTaskMemAlloc
CoGetProcessIdentifier
OleInitialize
CoInitialize
CoUninitialize
OleIsCurrentClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleUninitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleFlushClipboard
CLSIDFromString

user32

EnumDisplayMonitors
GetWindowRect
CharNextW
SetWindowPos
ReleaseDC
GetDC
MonitorFromWindow
GetDesktopWindow
CreateWindowExA
MonitorFromPoint
LoadCursorA
GetSystemMetrics
WindowFromDC
ScrollWindowEx
OffsetRect
DestroyWindow
DefWindowProcA
RegisterClassA
GetActiveWindow
GetClientRect
SetActiveWindow
LoadIconA
GetMonitorInfoA
UnregisterClassA

shlwapi

PathRemoveFileSpecA
PathAppendA

kernel32

InterlockedCompareExchange
QueryPerformanceCounter
TlsFree
GetProcAddress
ReadFile
TlsGetValue
GetUserDefaultLangID
GetLastError
lstrcmpW
GetACP
GetCurrentThread
GetDateFormatW
GetSystemDefaultLCID
FreeLibrary
GetCalendarInfoW
GetCurrentDirectoryA
GetCurrentProcess
Sleep
GetModuleFileNameA
GetEnvironmentVariableW
TerminateProcess
GetDateFormatA
GetSystemTimeAsFileTime
GetLocalTime
FindNextFileA
LeaveCriticalSection
GetSystemInfo
GetLocaleInfoA
GetTimeFormatW
CreateMutexA
WideCharToMultiByte
ReleaseMutex
IsDebuggerPresent
UnhandledExceptionFilter
lstrlenW
CloseHandle
GetThreadPriority
GlobalAlloc
GetVersionExA
GetSystemDirectoryA
LocalAlloc
FindClose
CreateSemaphoreA
GetModuleHandleA
EnumResourceNamesA
GetProfileStringW
GetTickCount
SetThreadPriority
EnterCriticalSection
SetCurrentDirectoryA
MultiByteToWideChar
InterlockedIncrement
ReleaseSemaphore
GlobalLock
GetThreadLocale
TlsSetValue
GlobalUnlock
InitializeCriticalSection
GetFileTime
LoadLibraryA
GetCurrentProcessId
GetTempPathW
FindFirstFileA
GetFileSize
DeleteCriticalSection
DeleteFileW
CreateFileA
IsProcessorFeaturePresent
GlobalFree
InterlockedExchange
GetTimeFormatA
GetWindowsDirectoryA
SetUnhandledExceptionFilter
ExitProcess
WaitForSingleObject
GlobalSize
GetCurrentThreadId
RaiseException

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbdd9efba204579f173235d9938351f7

Headers

File Characteristics

Imports

msimg32

gdi32

advapi32

ole32

user32

shlwapi

kernel32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 240KB