279915192390b6e80918e4e477f63c1b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

279915192390b6e80918e4e477f63c1b_JaffaCakes118
Size

176KB
MD5

279915192390b6e80918e4e477f63c1b
SHA1

f3c6bad10be9b15d95acfb30203fffcafc66b7c7
SHA256

a5828a50540621eb884d1a70fb8221425be22c85f9a3c82a72e6e7105fc8a1b7
SHA512

ba9234779b521cac83597e8ef3ae393615fb3e4a826e71df82610be8422cdc0c277aa1c06252a83fe94cdc801e9180ccedc0765a7caa243f59f278a26e734b32
SSDEEP

3072:CiJsAV1Kqx8cMEtbtYWwQ6x0aeEuQmtyYGopKjF3jLRzExNFef7LJdNM:9Jaqx8+tbtY8XaDJmtyYGoYrEg3N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279915192390b6e80918e4e477f63c1b_JaffaCakes118

Files

279915192390b6e80918e4e477f63c1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9501e49c903fe5f9b97a45388370c52a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

kernel32

ReleaseSemaphore
TerminateProcess
GetWindowsDirectoryA
GetLocalTime
GetCalendarInfoW
LeaveCriticalSection
InterlockedExchange
QueryPerformanceCounter
IsDebuggerPresent
GetVersionExA
TlsSetValue
FreeLibrary
ReleaseMutex
GetSystemTimeAsFileTime
SetThreadPriority
IsProcessorFeaturePresent
SetCurrentDirectoryA
GetModuleFileNameA
GetSystemDefaultLCID
InterlockedIncrement
Sleep
InterlockedCompareExchange
CreateFileA
GetACP
CreateMutexA
GetCurrentThreadId
GetEnvironmentVariableW
GetTempPathW
DeleteCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
GetProcAddress
CloseHandle
TlsGetValue
ExitProcess
LocalAlloc
lstrlenW
EnterCriticalSection
GetUserDefaultLangID
GetLastError
UnhandledExceptionFilter
EnumResourceNamesA
GetModuleHandleA
LoadLibraryA
GetCurrentThread
GetFileTime
WideCharToMultiByte
GetLocaleInfoA
GetDateFormatA
GlobalAlloc
GetSystemDirectoryA
TlsFree
GetCurrentDirectoryA
GetThreadLocale
InitializeCriticalSection
lstrcmpW
FindClose
GetTickCount
GetSystemInfo
DeleteFileW
FindFirstFileA
CreateSemaphoreA
GetDateFormatW
GetTimeFormatW
GetThreadPriority
FindNextFileA
WaitForSingleObject
GetCurrentProcessId
GlobalUnlock
GlobalFree
GetProfileStringW
GlobalSize
GetFileSize
ReadFile
GlobalLock
GetTimeFormatA
GetCurrentProcess
RaiseException

user32

SetActiveWindow
GetDC
MonitorFromWindow
LoadCursorA
GetWindowRect
ScrollWindowEx
DefWindowProcA
GetSystemMetrics
GetMonitorInfoA
GetClientRect
DestroyWindow
MonitorFromPoint
WindowFromDC
LoadIconA
OffsetRect
CharNextW
GetDesktopWindow
CreateWindowExA
ReleaseDC
SetWindowPos
GetActiveWindow
RegisterClassA
EnumDisplayMonitors
UnregisterClassA

gdi32

GetWorldTransform
ExtEscape
ModifyWorldTransform
SetMiterLimit
LineTo
SetWorldTransform
SaveDC
StretchDIBits
CreateICW
PolyBezierTo
CombineRgn
GetDeviceCaps
IntersectClipRect
GetRgnBox
SetStretchBltMode
OffsetRgn
EndPath
GetClipBox
SetGraphicsMode
ExtCreatePen
EndPage
DeleteDC
CreatePalette
EqualRgn
BeginPath
StartDocW
MoveToEx
SetBrushOrgEx
BitBlt
Escape
DeleteObject
StartPage
CreatePatternBrush
RestoreDC
CloseFigure
GetGraphicsMode
CreateCompatibleDC
GetDIBColorTable
SetROP2
CreateDCW
CreateCompatibleBitmap
SelectClipPath
CreateDIBSection
RealizePalette
CreateRectRgn
SelectClipRgn
CreateBrushIndirect
ExtSelectClipRgn
CreatePolyPolygonRgn
CreateBitmap
GetObjectA
GetCurrentObject
Rectangle
EndDoc
SetPolyFillMode
PatBlt
FillPath
PolylineTo
StrokePath
SetDIBits
AbortDoc
SelectObject
GetViewportOrgEx
SelectPalette
GetRegionData
StretchBlt
GetStockObject
ResetDCW
PolyDraw

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

shlwapi

PathRemoveFileSpecA
PathAppendA

ole32

OleInitialize
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoGetClassObject
CoGetProcessIdentifier
OleFlushClipboard
CoInitialize
OleUninitialize
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoUninitialize
CLSIDFromString

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9501e49c903fe5f9b97a45388370c52a

Headers

File Characteristics

Imports

msimg32

kernel32

user32

gdi32

advapi32

shlwapi

ole32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 69KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 69KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 92KB