28e239b2b0801db8a3010c30dfb456d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28e239b2b0801db8a3010c30dfb456d1_JaffaCakes118
Size

364KB
MD5

28e239b2b0801db8a3010c30dfb456d1
SHA1

f673c2ee9983a732c3726697f6b76b1936bd529b
SHA256

bc80f4ee2a0c3c366d4b92a3bdde3dea552f5d3308dadfe38eb098e5e1da4f86
SHA512

6cccf88b36b558218fc1ae58c7709378f2bb883f28dbe013e8aee4b0641c3f43f6c1ecec5235f8e1621750f08caf9efe8be899d3300998e35e8de4578a257003
SSDEEP

6144:B9IAs5KysvpL9rxKympgHI8FrJSjpr3Eyjs0nbI6Cx9Le4XepU6AvI8Skuv22vrK:zI/56hL9YymiS1Eyjs0bJJG3Lu3vFw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e239b2b0801db8a3010c30dfb456d1_JaffaCakes118

Files

28e239b2b0801db8a3010c30dfb456d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

add01614362b04874741ea66fd3fc133

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

IntersectClipRect
Polygon
Rectangle
DPtoLP
Polyline
SetTextColor
StretchBlt
BitBlt
GetObjectW
GetTextColor
GetCurrentObject
SelectObject
SetStretchBltMode
CreatePen
SetBkMode
GetDeviceCaps
SetBrushOrgEx
MoveToEx
SetBkColor
CreateCompatibleBitmap
GetStretchBltMode
GetStockObject
CreateDIBSection
CreateCompatibleDC
OffsetViewportOrgEx
DeleteDC
RestoreDC
GetBkColor
GetBkMode
CreateSolidBrush
SetViewportOrgEx
ExcludeClipRect
GetBrushOrgEx
CreateFontIndirectW
SaveDC
DeleteObject
LPtoDP
LineTo

shlwapi

StrCatBuffW

user32

LoadImageW
SetCursor
EndPaint
GetIconInfo
WindowFromPoint
SetParent
GetUpdateRect
IsWindowVisible
IsWindow
SendMessageW
SetWindowPos
TranslateMessage
LoadCursorW
PostQuitMessage
ValidateRect
CreateWindowExW
ReleaseDC
ShowWindow
MoveWindow
SetTimer
LoadStringW
GetMessageW
wsprintfW
DrawTextW
OffsetRect
KillTimer
GetDoubleClickTime
GetWindowDC
PostMessageW
ClientToScreen
CallMsgFilterW
SetCapture
GetDC
RegisterClassExW
FillRect
GetPropW
GetSystemMetrics
DestroyWindow
ScreenToClient
EnumChildWindows
GetWindow
InflateRect
DispatchMessageW
DefWindowProcW
PtInRect
UnregisterClassW
GetCursorPos
InvalidateRect
GetClientRect
BeginPaint
ClipCursor
DrawIcon
GetDesktopWindow
ReleaseCapture
SetPropW
SetFocus
GetWindowRect

ole32

StringFromCLSID
CoTaskMemFree

kernel32

GetStdHandle
ExitProcess
SetHandleCount
TlsAlloc
LCMapStringW
VirtualProtect
IsBadReadPtr
FileTimeToSystemTime
GetProcAddress
VirtualAlloc
HeapReAlloc
FreeLibrary
GetModuleFileNameW
GetOEMCP
HeapCreate

cfgmgr32

CM_Get_Version_Ex
CM_Move_DevNode

advapi32

RegQueryValueExA
RegCloseKey
RegQueryValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyA
RegQueryValueExW
RegOpenKeyExW

dinput8

DirectInput8Create

msi

MsiDatabaseExportW

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

add01614362b04874741ea66fd3fc133

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shlwapi

user32

ole32

kernel32

cfgmgr32

advapi32

dinput8

msi

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 188KB - Virtual size: 187KB

.reloc Size: 512B - Virtual size: 32B

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 40KB

.data Size: 64KB - Virtual size: 1.8MB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 188KB - Virtual size: 187KB

.reloc
Size: 512B - Virtual size: 32B

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 40KB

.data
Size: 64KB - Virtual size: 1.8MB