de2a4736e81031fede79224139872503_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de2a4736e81031fede79224139872503_JaffaCakes118
Size

192KB
MD5

de2a4736e81031fede79224139872503
SHA1

28ef9085e6d7919144892ff954535d3f788aaadb
SHA256

699ee03a4a7763e4e4db251d7704263344ce10980ca39b3ff77a25d4647b2fca
SHA512

f1ae0e2c6854afd3d060c045c24870d535f30216a16538b85fe40246e5965ccef797819624a393909fd4b2dacc95b27e18e24888e3d5d28a3389171927ac38ae
SSDEEP

3072:76QsxVEd0NCBK+blgns8+fOXErM7l3PkA1R6pQ1KYwGxsD:+Qsg/BK+pgsxmXEM7l3PkAK8Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de2a4736e81031fede79224139872503_JaffaCakes118

Files

de2a4736e81031fede79224139872503_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a33d9eabbbd10153f2832b493dc98eec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

kernel32

SetThreadPriority
MultiByteToWideChar
GlobalAlloc
TlsFree
CreateMutexA
GetCurrentProcessId
LoadLibraryA
GetCalendarInfoW
UnhandledExceptionFilter
GetSystemInfo
CloseHandle
WideCharToMultiByte
IsDebuggerPresent
GetFileTime
GetSystemDirectoryA
GetCurrentThreadId
GetLocalTime
GetCurrentThread
GlobalLock
GetCurrentProcess
TlsSetValue
GetSystemTimeAsFileTime
GetCurrentDirectoryA
TlsGetValue
CreateFileA
FreeLibrary
InterlockedIncrement
FindNextFileA
GetTimeFormatA
ReleaseSemaphore
DeleteFileW
GetFileSize
InterlockedExchange
GetACP
EnumResourceNamesA
IsProcessorFeaturePresent
GetLocaleInfoA
GlobalSize
GetUserDefaultLangID
CreateSemaphoreA
TerminateProcess
FindClose
QueryPerformanceCounter
GetModuleFileNameA
ReleaseMutex
GetProfileStringW
SetUnhandledExceptionFilter
InitializeCriticalSection
GetEnvironmentVariableW
GetDateFormatW
GetLastError
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
InterlockedCompareExchange
GetTimeFormatW
GetWindowsDirectoryA
GetSystemDefaultLCID
Sleep
SetCurrentDirectoryA
ExitProcess
LocalAlloc
lstrlenW
GetThreadPriority
GetTickCount
ReadFile
GetProcAddress
GetTempPathW
GetThreadLocale
LeaveCriticalSection
GlobalUnlock
lstrcmpW
GetVersionExA
GetModuleHandleA
GlobalFree
FindFirstFileA
GetDateFormatA
RaiseException

shlwapi

PathRemoveFileSpecA
PathAppendA

ole32

CoFreeUnusedLibraries
CoRevokeClassObject
CoInitialize
CLSIDFromProgID
CoCreateInstance
CoGetProcessIdentifier
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
OleUninitialize
CoTaskMemAlloc
OleFlushClipboard
CoRegisterMessageFilter
OleInitialize
CoTaskMemFree
CoUninitialize
CLSIDFromString

gdi32

CreatePolyPolygonRgn
GetStockObject
DeleteObject
PolylineTo
CombineRgn
RestoreDC
ResetDCW
ModifyWorldTransform
RealizePalette
SaveDC
SetPolyFillMode
IntersectClipRect
Escape
CreateCompatibleDC
SetBrushOrgEx
SetROP2
AbortDoc
CreateBitmap
SetDIBits
Rectangle
CreatePatternBrush
EqualRgn
GetRgnBox
SelectPalette
GetDIBColorTable
DeleteDC
GetClipBox
CreateRectRgn
StrokePath
GetDeviceCaps
GetViewportOrgEx
FillPath
CreateICW
EndPath
CloseFigure
BeginPath
BitBlt
SelectClipPath
CreateDIBSection
GetObjectA
ExtEscape
EndPage
EndDoc
StartDocW
GetWorldTransform
SetMiterLimit
SetWorldTransform
CreateDCW
ExtSelectClipRgn
StartPage
SelectClipRgn
PatBlt
CreateBrushIndirect
SetGraphicsMode
GetGraphicsMode
StretchBlt
SetStretchBltMode
LineTo
OffsetRgn
MoveToEx
ExtCreatePen
CreatePalette
CreateCompatibleBitmap
SelectObject
StretchDIBits
GetRegionData
GetCurrentObject
PolyBezierTo
PolyDraw

user32

SetWindowPos
SetActiveWindow
GetDC
EnumDisplayMonitors
LoadCursorA
WindowFromDC
OffsetRect
GetMonitorInfoA
GetDesktopWindow
CreateWindowExA
GetActiveWindow
ScrollWindowEx
MonitorFromWindow
DestroyWindow
LoadIconA
RegisterClassA
DefWindowProcA
CharNextW
GetWindowRect
ReleaseDC
GetClientRect
GetSystemMetrics
MonitorFromPoint
UnregisterClassA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a33d9eabbbd10153f2832b493dc98eec

Headers

File Characteristics

Imports

msimg32

kernel32

shlwapi

ole32

gdi32

user32

advapi32

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 77KB - Virtual size: 77KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 77KB - Virtual size: 77KB

.edata
Size: 1024B - Virtual size: 68KB