d09ffb26fc947fd4926587f1296fd044_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d09ffb26fc947fd4926587f1296fd044_JaffaCakes118
Size

193KB
MD5

d09ffb26fc947fd4926587f1296fd044
SHA1

3391f86ef7299367918e10fd19fcdf105a7b6449
SHA256

19fd8d061ae0bb74009dd0ce6d56b4181b3c1ca9927565d80deb750ccd8585f9
SHA512

39127d2a0108f14dfb3efd468af4e96b0e537d342770264e484d9379590ede8895ac94417decfcdab496e73d48cb9e3ebaa645ba60824c542a4e4b0d8a70f8e1
SSDEEP

3072:Ymq5IbxCYsMfLo1ZFZD0bNUFPXGs0+02d63lm/UWJcqy4kHm+SVw0f2dP:Yi/swLYXZ4wGs0Ud61m/UWdkG+01f2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d09ffb26fc947fd4926587f1296fd044_JaffaCakes118

Files

d09ffb26fc947fd4926587f1296fd044_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68f24e87004d4867cc9492ae8f317050

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecA
PathAppendA

kernel32

lstrlenW
FindFirstFileA
IsDebuggerPresent
FindClose
GetCalendarInfoW
CloseHandle
GetDateFormatA
GlobalUnlock
GetCurrentThread
TlsGetValue
GetTimeFormatA
EnterCriticalSection
GetCurrentDirectoryA
WideCharToMultiByte
GetFileSize
LocalAlloc
LeaveCriticalSection
GetVersionExA
GetWindowsDirectoryA
GlobalSize
GetLocalTime
SetCurrentDirectoryA
InterlockedExchange
CreateMutexA
GetThreadPriority
ReleaseMutex
Sleep
SetUnhandledExceptionFilter
ReleaseSemaphore
TlsSetValue
GetProcAddress
GetLocaleInfoA
LoadLibraryA
EnumResourceNamesA
CreateSemaphoreA
GetModuleHandleA
GetSystemDirectoryA
GetLastError
GetTempPathW
GetProfileStringW
InterlockedIncrement
GlobalFree
MultiByteToWideChar
SetThreadPriority
GetSystemInfo
WaitForSingleObject
FindNextFileA
CreateFileA
GetCurrentProcess
GetFileTime
GetCurrentProcessId
DeleteCriticalSection
GlobalAlloc
IsProcessorFeaturePresent
GetACP
FreeLibrary
DeleteFileW
QueryPerformanceCounter
GetEnvironmentVariableW
TlsFree
GetThreadLocale
InitializeCriticalSection
ReadFile
GetSystemDefaultLCID
UnhandledExceptionFilter
GetModuleFileNameA
GetDateFormatW
GlobalLock
GetUserDefaultLangID
InterlockedCompareExchange
GetTimeFormatW
lstrcmpW
GetSystemTimeAsFileTime
ExitProcess
GetTickCount
GetCurrentThreadId
TerminateProcess
RaiseException

msimg32

AlphaBlend

ole32

CoRegisterMessageFilter
CoTaskMemAlloc
CoUninitialize
OleUninitialize
CoGetProcessIdentifier
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleInitialize
StgOpenStorageOnILockBytes
CoCreateInstance
OleFlushClipboard
CoInitialize
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CLSIDFromProgID
OleIsCurrentClipboard
CoGetClassObject
CoTaskMemFree
CLSIDFromString

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

user32

RegisterClassA
CharNextW
MonitorFromPoint
GetDC
OffsetRect
LoadCursorA
SetWindowPos
GetClientRect
GetSystemMetrics
ReleaseDC
EnumDisplayMonitors
GetDesktopWindow
ScrollWindowEx
GetWindowRect
MonitorFromWindow
DestroyWindow
LoadIconA
SetActiveWindow
DefWindowProcA
WindowFromDC
GetMonitorInfoA
CreateWindowExA
GetActiveWindow
UnregisterClassA

gdi32

EndPage
CreatePolyPolygonRgn
SetGraphicsMode
StartPage
RestoreDC
CreateBitmap
CloseFigure
DeleteDC
EqualRgn
CreateICW
IntersectClipRect
MoveToEx
ExtCreatePen
GetObjectA
BitBlt
CreateBrushIndirect
CreateCompatibleDC
SetBrushOrgEx
DeleteObject
FillPath
PolyBezierTo
GetCurrentObject
SelectObject
RealizePalette
GetWorldTransform
GetDeviceCaps
GetDIBColorTable
LineTo
EndPath
EndDoc
GetRgnBox
SetStretchBltMode
SelectClipPath
SelectClipRgn
StrokePath
SetROP2
CreateDIBSection
GetStockObject
ExtSelectClipRgn
Escape
PatBlt
BeginPath
GetGraphicsMode
CreatePalette
StartDocW
SaveDC
AbortDoc
GetRegionData
GetClipBox
OffsetRgn
SetMiterLimit
CombineRgn
StretchBlt
ExtEscape
SetWorldTransform
CreateDCW
GetViewportOrgEx
Rectangle
ModifyWorldTransform
SetPolyFillMode
SetDIBits
SelectPalette
ResetDCW
CreateCompatibleBitmap
PolylineTo
CreateRectRgn
StretchDIBits
CreatePatternBrush
PolyDraw

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68f24e87004d4867cc9492ae8f317050

Headers

File Characteristics

Imports

shlwapi

kernel32

msimg32

ole32

advapi32

user32

gdi32

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 79KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 112KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 79KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 112KB