90f113275ecb5daa256789be7aebcfe1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

90f113275ecb5daa256789be7aebcfe1_JaffaCakes118
Size

280KB
MD5

90f113275ecb5daa256789be7aebcfe1
SHA1

18a5ec51a66e7e2089a80d581e78c1d5d3004756
SHA256

eb25cfe597594c9b0c9811f961020c40490c1a788cf0104d8f66dc2d741908d0
SHA512

0d355f2079519ce427fb0310e2dd763eb5d51143117180edd21f3f3a23ed772d542bef7f64acc794fb34e1520ca4cff0285722e0d1476d551053af44ee085ed0
SSDEEP

6144:cqnUMBH2gzuBu02UiO0Qp9Gr9SKqMYgpwp:x/DzuBD20b3GoWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90f113275ecb5daa256789be7aebcfe1_JaffaCakes118

Files

90f113275ecb5daa256789be7aebcfe1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

798a6291bb073f81035528be7b366ad0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent
ImageList_DrawEx
ImageList_GetIconSize
ord17

shlwapi

PathFindFileNameW

user32

GetCursor
GetAncestor
MsgWaitForMultipleObjectsEx
FrameRect
DrawFocusRect
GetWindowThreadProcessId
SetForegroundWindow
OffsetRect
GetMessagePos
MessageBeep
GetDC
KillTimer
GetKeyState
GetWindowTextW
CreateIconIndirect
InflateRect
GetClientRect
SendMessageW
GetWindowLongW
GetIconInfo
DestroyIcon
CopyRect
SetLayeredWindowAttributes
DestroyWindow
SetRect
SystemParametersInfoW
DrawTextW
LoadBitmapW
GetFocus
PeekMessageW
SetWindowPos
SetFocus
GetPropW
SetWindowLongW
GetParent
GetWindowPlacement
RegisterWindowMessageW
ScreenToClient
GetDesktopWindow
SetCursor
FindWindowW
RedrawWindow
CopyImage
RemovePropW
GetDlgItem
IsWindowVisible
SetWindowRgn
WindowFromPoint
GetSysColorBrush
MapDialogRect
GetWindowDC
EnableWindow
CreateWindowExW
ReleaseDC
GetWindowRect
ClientToScreen
GetSysColor
PostMessageW
PtInRect
IsWindow
InvalidateRect
GetClassInfoW
GetForegroundWindow
UpdateWindow
SetTimer
CallWindowProcW
FillRect
GetSystemMetrics
GetCursorPos
SetPropW
LoadCursorW
AttachThreadInput
LoadImageW
DefWindowProcW
IntersectRect
LoadIconW
BringWindowToTop

advapi32

RegCreateKeyExW
CryptAcquireContextW
LookupAccountNameW
ConvertSidToStringSidW
GetUserNameW
RegOpenKeyExW
SetEntriesInAclW
RegQueryValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptReleaseContext
AllocateAndInitializeSid
RegSetValueExW
CryptGenRandom
RegCloseKey
RegQueryValueExW
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
FreeSid
InitializeSecurityDescriptor
GetSecurityDescriptorSacl

oleaut32

SysFreeString
SysAllocString

msimg32

AlphaBlend
GradientFill

kernel32

GetLocalTime
WaitForMultipleObjects
WaitForSingleObject
EnterCriticalSection
OutputDebugStringW
FreeLibrary
LockResource
VirtualQuery
UnhandledExceptionFilter
GetCurrentThreadId
OpenEventW
CloseHandle
CreateThread
OpenFileMappingW
FindResourceW
LocalUnlock
FindFirstFileW
FindClose
SetLastError
LeaveCriticalSection
SetFilePointer
ResetEvent
DeleteFileW
CreateFileMappingW
lstrlenW
LocalFree
OpenMutexW
FindNextFileW
CreateMutexW
GetModuleHandleW
WinExec
MapViewOfFile
LocalLock
LoadResource
GetSystemTimeAsFileTime
lstrcpyW
UnmapViewOfFile
SetFileAttributesW
lstrlenA
WriteFile
IsDebuggerPresent
LocalAlloc
CreateFileW
SetUnhandledExceptionFilter
WideCharToMultiByte
CreateEventW
ReleaseMutex
DeleteCriticalSection
GetVersion
VirtualAlloc

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

gdi32

CreateDIBSection
ExcludeClipRect
CreateRectRgn
GetDeviceCaps
GetTextExtentPoint32W
SetStretchBltMode
SetPixel
MoveToEx
FrameRgn
GetTextMetricsW
StretchBlt
GetPixel
SetTextColor
SetTextJustification
CreateFontIndirectW
TextOutW
FillRgn
GetObjectW
LineTo
CreateCompatibleBitmap
CombineRgn
DeleteObject
CreateCompatibleDC
DeleteDC
SetBkColor
Polygon
CreateSolidBrush
GetTextFaceW
GetDIBits
GetStockObject
CreatePen
CreateRoundRectRgn
SelectObject
CreatePolygonRgn
SetBkMode
BitBlt
CreateDCW
CreateDIBPatternBrushPt
CreatePolyPolygonRgn
CreateScalableFontResourceW
CreateBitmap
TranslateCharsetInfo
UpdateICMRegKeyW
AddFontResourceA

shell32

SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteW

schannel

MakeSignature
InitSecurityInterfaceA
SslEmptyCacheW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 657KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

798a6291bb073f81035528be7b366ad0

Headers

File Characteristics

Imports

comctl32

shlwapi

user32

advapi32

oleaut32

msimg32

kernel32

ole32

gdi32

shell32

schannel

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 230KB - Virtual size: 657KB

.rsrc Size: 17KB - Virtual size: 63KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 230KB - Virtual size: 657KB

.rsrc
Size: 17KB - Virtual size: 63KB