e40061adb0a7d4632d60dd05a141a9dd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e40061adb0a7d4632d60dd05a141a9dd_JaffaCakes118
Size

176KB
MD5

e40061adb0a7d4632d60dd05a141a9dd
SHA1

b2be93887080ae26bf970ed8445fc8220721fb13
SHA256

8b46106985b66c08217ca954ce45e0782cc9656fc7ed2b1fe189b2fc8bd21281
SHA512

cc2d2acfc8ae52991d17021a71a9b4cba5390c7f668ba43b9be1b0b34c5ae56c3ba07dc05ace84fd81208aa05e1874b18d926bbb802bbabfd2cde7b8ab5942b6
SSDEEP

3072:GJ4ujspDuTsIDV/gWtgapfGOLxJUgi9WSV4x7KEigdG:GJtwSsIJ/g9apeOLjb6VV4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e40061adb0a7d4632d60dd05a141a9dd_JaffaCakes118

Files

e40061adb0a7d4632d60dd05a141a9dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4c6a3874d683fe5405d74d8fa250f1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

user32

GetSystemMetrics
MonitorFromWindow
SetActiveWindow
MonitorFromPoint
GetDesktopWindow
GetDC
LoadCursorA
SetWindowPos
RegisterClassA
DestroyWindow
WindowFromDC
ReleaseDC
GetClientRect
LoadIconA
ScrollWindowEx
CharNextW
GetMonitorInfoA
DefWindowProcA
EnumDisplayMonitors
CreateWindowExA
GetActiveWindow
GetWindowRect
OffsetRect
UnregisterClassA

kernel32

UnhandledExceptionFilter
lstrlenW
GetCalendarInfoW
ReleaseMutex
GetLocaleInfoA
GetCurrentDirectoryA
CloseHandle
SetUnhandledExceptionFilter
FindFirstFileA
WaitForSingleObject
GetProfileStringW
TerminateProcess
GetTempPathW
LocalAlloc
TlsSetValue
GetProcAddress
GetDateFormatW
GetCurrentProcessId
QueryPerformanceCounter
FindNextFileA
GetLastError
CreateSemaphoreA
SetCurrentDirectoryA
ExitProcess
LeaveCriticalSection
WideCharToMultiByte
GetSystemInfo
lstrcmpW
GetThreadPriority
InterlockedCompareExchange
GetCurrentThread
GlobalUnlock
GetCurrentProcess
GetModuleFileNameA
ReleaseSemaphore
GetWindowsDirectoryA
GetTimeFormatW
Sleep
InterlockedIncrement
MultiByteToWideChar
InterlockedExchange
IsDebuggerPresent
EnumResourceNamesA
GetDateFormatA
GetUserDefaultLangID
GetEnvironmentVariableW
GetTickCount
CreateFileA
GlobalSize
GetSystemDirectoryA
GetTimeFormatA
GlobalAlloc
ReadFile
InitializeCriticalSection
GetSystemDefaultLCID
DeleteFileW
SetThreadPriority
GlobalFree
CreateMutexA
GetVersionExA
GetLocalTime
GetFileTime
GetCurrentThreadId
LoadLibraryA
GetModuleHandleA
TlsGetValue
GetACP
GetThreadLocale
GetSystemTimeAsFileTime
DeleteCriticalSection
GetFileSize
IsProcessorFeaturePresent
GlobalLock
FreeLibrary
EnterCriticalSection
FindClose
TlsFree
RaiseException

gdi32

PolyBezierTo
SetROP2
EqualRgn
StartPage
SelectObject
GetCurrentObject
GetObjectA
IntersectClipRect
StretchBlt
CreateICW
CloseFigure
GetDIBColorTable
Rectangle
DeleteDC
MoveToEx
EndPage
PatBlt
GetViewportOrgEx
OffsetRgn
PolylineTo
RealizePalette
StrokePath
CreateDIBSection
GetGraphicsMode
StretchDIBits
EndDoc
BitBlt
RestoreDC
EndPath
LineTo
CombineRgn
CreateBrushIndirect
AbortDoc
BeginPath
ModifyWorldTransform
CreatePatternBrush
ExtEscape
GetRegionData
ExtCreatePen
ExtSelectClipRgn
Escape
SetGraphicsMode
SetStretchBltMode
SelectPalette
GetStockObject
SetBrushOrgEx
GetDeviceCaps
CreateCompatibleDC
CreatePalette
GetRgnBox
SetDIBits
GetClipBox
CreateBitmap
CreatePolyPolygonRgn
GetWorldTransform
FillPath
ResetDCW
CreateRectRgn
CreateDCW
SelectClipRgn
SaveDC
StartDocW
SetPolyFillMode
CreateCompatibleBitmap
SetMiterLimit
SetWorldTransform
SelectClipPath
DeleteObject
PolyDraw

ole32

CLSIDFromProgID
CoFreeUnusedLibraries
OleInitialize
OleIsCurrentClipboard
CoCreateInstance
CoRetireServer
CoUninitialize
CoTaskMemFree
CoRegisterMessageFilter
CoGetClassObject
CoInitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleFlushClipboard
OleUninitialize
CoRevokeClassObject
CreateILockBytesOnHGlobal
CLSIDFromString

shlwapi

PathRemoveFileSpecA
PathAppendA

msimg32

AlphaBlend

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4c6a3874d683fe5405d74d8fa250f1e

Headers

File Characteristics

Imports

advapi32

user32

kernel32

gdi32

ole32

shlwapi

msimg32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 68KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 68KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 92KB