c1336e427867fe6bcb88cf0fceff38f4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1336e427867fe6bcb88cf0fceff38f4_JaffaCakes118
Size

117KB
MD5

c1336e427867fe6bcb88cf0fceff38f4
SHA1

4714f6261e5c59420bf162323018922da6946159
SHA256

e6633d4103c6abff5a8209b7ba57574fb966eb5ae3ce92d11d7f4ecd94ce1800
SHA512

43b30c88d4eccf734d8db7126b13899a75ee7d31516cb46583c5f1b1bab85bff0195534cc38f0db2bb989e2fa4aa07368ee4929af541e4f8a8ef75b43a2fd9c3
SSDEEP

3072:QZWEaq34I4z0XeeGEopSybUAgLlkxbTb2:wanoeeXybyIT2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1336e427867fe6bcb88cf0fceff38f4_JaffaCakes118

Files

c1336e427867fe6bcb88cf0fceff38f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a4759def91fcc118adb842f22013a28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

GetAtomNameW
GetLastError
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapSetInformation
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleW
Sleep
MulDiv
GetTickCount
ExitProcess

user32

CreateWindowExW
RegisterClassW
SystemParametersInfoW
LoadImageW
RegisterShellHookWindow
MonitorFromPoint
SetRect
GetSystemMetrics
CopyRect
GetParent
GetWindowThreadProcessId
GetForegroundWindow
EqualRect
UnionRect
MapWindowPoints
GetClientRect
GetWindowLongW
GetGUIThreadInfo
InternalGetWindowText
SendMessageTimeoutW
IsWindowVisible
IsZoomed
IsIconic
GetWindow
GetWindowInfo
InflateRect
GetWindowRgn
IntersectRect
PrintWindow
EnumThreadWindows
GetSysColorBrush
LoadCursorW
PostQuitMessage
DefWindowProcW
DestroyWindow
SetTimer
GetLastInputInfo
SetWindowRgn
SetWindowPos
InvalidateRect
UpdateWindow
FindWindowW
MessageBoxW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyIcon
DeregisterShellHookWindow
KillTimer
AnimateWindow
ShowWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
OffsetRect
IsWindow
RegisterWindowMessageW

gdi32

GetRegionData
ExtCreateRegion
GetRgnBox
CombineRgn
CreateRectRgn
CreateFontIndirectW
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

ole32

CoInitialize
CoUninitialize

gdiplus

GdipFlush
GdipGetRegionHRgn
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipCreateFromHWND
GdipDrawImageI
GdiplusShutdown
GdiplusStartup
GdipDisposeImage
GdipDeleteGraphics
GdipCloneImage
GdipDeleteRegion
GdipSetEmpty
GdipCombineRegionRegion
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipDrawImageRectI
GdipSetClipHrgn
GdipResetClip
GdipCreateRegion
GdipCreateRegionRectI
GdipCreateRegionHrgn
GdipGetDC
GdipReleaseDC
GdipAlloc
GdipFree
GdipSetInterpolationMode

vtthooks

?InstallHooks@@YG_NPAUHWND__@@@Z
?LockShare@@YG_NXZ
?share@@3PAUHooksShareData@@A
?UninstallHooks@@YG_NXZ
?UnlockShare@@YGXXZ

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a4759def91fcc118adb842f22013a28

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

ole32

gdiplus

vtthooks

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 388B

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 83KB - Virtual size: 85KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 388B

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 83KB - Virtual size: 85KB