54920a8637c5f205d34db9c5487de5f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

54920a8637c5f205d34db9c5487de5f0_JaffaCakes118
Size

187KB
MD5

54920a8637c5f205d34db9c5487de5f0
SHA1

b4494ea442e9e9e6e9b8e7275245ac208d1afdc9
SHA256

b5443820764ed40f0b2e6ba7dd43cd601824c821aa037312b2e599d149b34d7c
SHA512

141180141b949bc725cdc8df5edef742eb68c070378139ae4f053fcee8f4b1136784a817ca562b9e64d752d44f8405a7a6fc361505e7e67091983b03de0f4c5c
SSDEEP

3072:iiBpUesmnSVOUlZvaUBcnPcHuY8RTWdv/NkZBS8F01+x+TfTWVa:vBpUesmE7LBUnb5av/Gam8TrWV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54920a8637c5f205d34db9c5487de5f0_JaffaCakes118

Files

54920a8637c5f205d34db9c5487de5f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

085586a5dcb5a7fb9a3e35b6a229beb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

user32

GetActiveWindow
LoadIconA
CreateWindowExA
SetWindowPos
ScrollWindowEx
MonitorFromPoint
ReleaseDC
WindowFromDC
GetSystemMetrics
OffsetRect
GetDesktopWindow
GetClientRect
SetActiveWindow
RegisterClassA
EnumDisplayMonitors
DestroyWindow
GetDC
GetMonitorInfoA
CharNextW
MonitorFromWindow
LoadCursorA
GetWindowRect
DefWindowProcA
UnregisterClassA

ole32

CoFreeUnusedLibraries
CoTaskMemFree
OleIsCurrentClipboard
CoRevokeClassObject
CoGetProcessIdentifier
CoTaskMemAlloc
OleFlushClipboard
CoCreateInstance
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoInitialize
OleInitialize
OleUninitialize
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
CoUninitialize
CLSIDFromString

kernel32

WaitForSingleObject
GlobalFree
GetFileTime
GetCalendarInfoW
GetVersionExA
InterlockedExchange
EnterCriticalSection
GetModuleHandleA
SetThreadPriority
GetTempPathW
IsProcessorFeaturePresent
ReadFile
GetCurrentProcessId
GetTimeFormatW
GlobalUnlock
MultiByteToWideChar
LoadLibraryA
DeleteFileW
GetCurrentThread
FindClose
LocalAlloc
CreateFileA
GetFileSize
QueryPerformanceCounter
LeaveCriticalSection
ReleaseMutex
GetTickCount
GetLastError
GetThreadLocale
CloseHandle
SetCurrentDirectoryA
SetUnhandledExceptionFilter
GetDateFormatA
DeleteCriticalSection
lstrcmpW
ReleaseSemaphore
TerminateProcess
GetThreadPriority
EnumResourceNamesA
FindNextFileA
CreateSemaphoreA
WideCharToMultiByte
GetCurrentProcess
GetACP
GlobalSize
GetProcAddress
GetEnvironmentVariableW
GetProfileStringW
GetCurrentDirectoryA
GetDateFormatW
GetSystemTimeAsFileTime
CreateMutexA
GetCurrentThreadId
InterlockedIncrement
GetWindowsDirectoryA
GetModuleFileNameA
GetLocaleInfoA
GetSystemInfo
GetSystemDirectoryA
InitializeCriticalSection
FindFirstFileA
lstrlenW
GetSystemDefaultLCID
GetTimeFormatA
GlobalLock
GetLocalTime
TlsFree
GetUserDefaultLangID
TlsSetValue
TlsGetValue
IsDebuggerPresent
InterlockedCompareExchange
GlobalAlloc
Sleep
FreeLibrary
UnhandledExceptionFilter
ExitProcess
RaiseException

shlwapi

PathRemoveFileSpecA
PathAppendA

gdi32

GetGraphicsMode
GetStockObject
CreatePatternBrush
SelectClipPath
ExtSelectClipRgn
AbortDoc
GetRgnBox
CreateBitmap
MoveToEx
SetPolyFillMode
SetROP2
EndPath
SelectObject
CreateICW
PolyBezierTo
SetMiterLimit
SetStretchBltMode
StretchDIBits
CreateRectRgn
OffsetRgn
CloseFigure
DeleteDC
CreateBrushIndirect
CreatePolyPolygonRgn
SetBrushOrgEx
GetDIBColorTable
GetObjectA
DeleteObject
GetCurrentObject
ExtEscape
EndDoc
EndPage
PatBlt
EqualRgn
SetWorldTransform
StretchBlt
CreateDIBSection
ResetDCW
PolylineTo
IntersectClipRect
GetDeviceCaps
Rectangle
ModifyWorldTransform
RestoreDC
SaveDC
SelectPalette
Escape
LineTo
StartDocW
CreatePalette
SelectClipRgn
CreateCompatibleBitmap
GetViewportOrgEx
GetRegionData
RealizePalette
SetGraphicsMode
FillPath
StartPage
CreateDCW
BitBlt
StrokePath
BeginPath
GetWorldTransform
ExtCreatePen
GetClipBox
SetDIBits
CreateCompatibleDC
CombineRgn
PolyDraw

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

085586a5dcb5a7fb9a3e35b6a229beb4

Headers

File Characteristics

Imports

msimg32

advapi32

user32

ole32

kernel32

shlwapi

gdi32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 240KB