ffb1758d5658f6b3158e3f547571f581_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ffb1758d5658f6b3158e3f547571f581_JaffaCakes118
Size

186KB
MD5

ffb1758d5658f6b3158e3f547571f581
SHA1

7a0a5b3ca7725de8fea6a8b4fc3548acb92ae4b9
SHA256

b5ebd1807c7ba566efa0aa67411e13dcc41a2474a5c210d915dadd9e34c31cce
SHA512

d7172613b9cc9d61464e2eafbb04b6623cca4bae28d5557b95ad9a0ce910d4ab19f9c9a5f245edc805157e552a2a981e3299ab1ffcf193a12429adbd045e7b0b
SSDEEP

3072:vAhjPlxyPDatxM8NMW9jKIkV6kSSp91vorArlX3PyYgJcigrJBc4lj0g1jEW:vAhblxg2kZE7FSprvswaAiS/VljrE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb1758d5658f6b3158e3f547571f581_JaffaCakes118

Files

ffb1758d5658f6b3158e3f547571f581_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0445f0a7871326eb10e4d3d4b56a5601

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shlwapi

PathRemoveFileSpecA
PathAppendA

gdi32

SetBrushOrgEx
GetViewportOrgEx
CreateCompatibleDC
EndPage
OffsetRgn
BeginPath
EqualRgn
GetCurrentObject
CreateDIBSection
GetDeviceCaps
DeleteDC
GetDIBColorTable
CreateICW
SetStretchBltMode
CreateRectRgn
MoveToEx
SelectClipRgn
GetClipBox
CombineRgn
CloseFigure
RealizePalette
GetRgnBox
GetWorldTransform
AbortDoc
Escape
GetObjectA
IntersectClipRect
LineTo
FillPath
SelectClipPath
SetWorldTransform
GetStockObject
PolyBezierTo
PatBlt
CreateDCW
SetPolyFillMode
CreatePatternBrush
ExtSelectClipRgn
SetGraphicsMode
EndPath
StrokePath
StartPage
ResetDCW
ExtEscape
RestoreDC
PolylineTo
SaveDC
CreatePalette
CreatePolyPolygonRgn
SetDIBits
EndDoc
CreateCompatibleBitmap
StretchBlt
SelectObject
SelectPalette
SetROP2
CreateBrushIndirect
CreateBitmap
Rectangle
ExtCreatePen
StartDocW
BitBlt
GetGraphicsMode
GetRegionData
StretchDIBits
SetMiterLimit
ModifyWorldTransform
DeleteObject
PolyDraw

user32

GetDesktopWindow
SetActiveWindow
MonitorFromPoint
GetSystemMetrics
DefWindowProcA
GetDC
GetMonitorInfoA
EnumDisplayMonitors
MonitorFromWindow
GetClientRect
ScrollWindowEx
CharNextW
GetWindowRect
GetActiveWindow
RegisterClassA
LoadIconA
WindowFromDC
OffsetRect
DestroyWindow
CreateWindowExA
ReleaseDC
SetWindowPos
LoadCursorA
UnregisterClassA

ole32

OleUninitialize
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoGetProcessIdentifier
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoUninitialize
OleFlushClipboard
CoFreeUnusedLibraries
CoRevokeClassObject
OleInitialize
CoCreateInstance
CoRegisterMessageFilter
CoInitialize
CoGetClassObject
OleIsCurrentClipboard
CLSIDFromString

kernel32

Sleep
GetFileTime
InterlockedExchange
SetCurrentDirectoryA
GetCurrentProcessId
GetVersionExA
lstrlenW
WideCharToMultiByte
GlobalFree
TlsFree
GetLocalTime
GetCalendarInfoW
GetModuleFileNameA
GetThreadLocale
GetCurrentProcess
UnhandledExceptionFilter
GetLastError
ReleaseMutex
LoadLibraryA
GetLocaleInfoA
GlobalLock
GetDateFormatW
LocalAlloc
FindClose
lstrcmpW
ExitProcess
GetEnvironmentVariableW
IsProcessorFeaturePresent
TlsGetValue
GlobalAlloc
IsDebuggerPresent
WaitForSingleObject
FindFirstFileA
InterlockedIncrement
ReleaseSemaphore
DeleteCriticalSection
EnumResourceNamesA
TlsSetValue
ReadFile
GetDateFormatA
CreateFileA
MultiByteToWideChar
GetSystemInfo
TerminateProcess
LeaveCriticalSection
GetUserDefaultLangID
CloseHandle
InitializeCriticalSection
FindNextFileA
GetTempPathW
FreeLibrary
GetCurrentDirectoryA
GetACP
CreateSemaphoreA
GetModuleHandleA
SetUnhandledExceptionFilter
GetWindowsDirectoryA
EnterCriticalSection
GetFileSize
InterlockedCompareExchange
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThread
GetThreadPriority
GetSystemDefaultLCID
GetProcAddress
GetTimeFormatW
QueryPerformanceCounter
DeleteFileW
GetTimeFormatA
CreateMutexA
SetThreadPriority
GlobalUnlock
GlobalSize
GetProfileStringW
GetSystemDirectoryA
GetCurrentThreadId
RaiseException

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0445f0a7871326eb10e4d3d4b56a5601

Headers

File Characteristics

Imports

msimg32

advapi32

shlwapi

gdi32

user32

ole32

kernel32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 368KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 368KB