effcd81c51d4cc8fcc65dafb777f52f4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

effcd81c51d4cc8fcc65dafb777f52f4_JaffaCakes118
Size

176KB
MD5

effcd81c51d4cc8fcc65dafb777f52f4
SHA1

d65888f35b10c26e57fa3c15650182fefa7a85ea
SHA256

e8f82ecfe494ce17400cbb739cf2c593c060ad00ad1ffc3168d2913c7cca82c2
SHA512

469fe5ca3232aef03bef17df0f5135b34ea550263c041ea093885a0626dff7156f0038410e688473745e6a586cb3b6dc5188b93db98ec2da9a9af817847a662e
SSDEEP

3072:4/WFAvRzX6pkXX4/xFHHs1sMqO+fYVnd9nROlnDTqOf6sOgHPwa1:gB5UkH4TsHqObVntWJHf1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
effcd81c51d4cc8fcc65dafb777f52f4_JaffaCakes118

Files

effcd81c51d4cc8fcc65dafb777f52f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2b53594e018f082cbde74f3921bac05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ole32

StgIsStorageFile
CoTaskMemRealloc
CreateBindCtx
CoSetProxyBlanket
CreateStreamOnHGlobal
CLSIDFromProgID
StgOpenStorage
CoCreateInstance
CoGetClassObject
CoInitialize
CreateItemMoniker
CoInitializeSecurity
GetRunningObjectTable
BindMoniker
OleLockRunning
CoTaskMemFree
OleInitialize
StringFromGUID2
CoUninitialize
CoTaskMemAlloc
OleUninitialize
StgCreateDocfile
CLSIDFromString

user32

CreateDialogParamA
wsprintfA
FindWindowA
LoadCursorA
ReleaseDC
GetParent
SendMessageA
InvalidateRect
SetTimer
SendMessageTimeoutA
EndPaint
ShowWindow
CreateAcceleratorTableA
GetDC
RegisterClassExA
FillRect
PeekMessageA
EnumDisplayDevicesA
CopyRect
GetWindow
GetDlgItem
MoveWindow
GetWindowTextLengthA
ReleaseCapture
SetWindowTextA
DestroyWindow
DispatchMessageA
IsWindow
IsChild
DestroyAcceleratorTable
SetRect
RedrawWindow
GetActiveWindow
GetClassInfoExA
UnregisterClassA
KillTimer
CallWindowProcA
GetClassNameA
BeginPaint
wvsprintfA
MsgWaitForMultipleObjects
CreateWindowExA
CharNextA
PostThreadMessageA
GetDesktopWindow
PostMessageA
SetFocus
DrawTextA
DefWindowProcA
GetWindowRect
SetParent
GetQueueStatus
GetWindowTextA
GetSysColor
GetClientRect
GetWindowLongA
InvalidateRgn
SetWindowLongA
EqualRect
GetFocus
RegisterWindowMessageA
SetCapture
SendNotifyMessageA
SetWindowPos

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

winmm

timeGetTime
timeSetEvent

gdi32

SetStretchBltMode
SelectObject
CreateCompatibleDC
GetDIBits
CreateSolidBrush
GetStockObject
CreateDIBitmap
CreateDIBSection
SelectPalette
BitBlt
CreateFontA
ExtEscape
DeleteDC
RealizePalette
CreateCompatibleBitmap
DeleteObject
StretchDIBits
GetDeviceCaps
GetObjectA
SetBkMode

kernel32

MapViewOfFile
GetShortPathNameW
GetModuleFileNameA
GetSystemInfo
GlobalUnlock
MulDiv
lstrlenA
CreateSemaphoreA
CreateFileMappingA
SetEvent
GetModuleHandleA
GetSystemTimeAsFileTime
GlobalAlloc
GetDriveTypeW
FlushInstructionCache
GlobalSize
DeviceIoControl
LoadResource
LeaveCriticalSection
LoadLibraryExA
TerminateProcess
LocalFree
GetThreadLocale
ResetEvent
WriteProcessMemory
HeapAlloc
QueryPerformanceCounter
IsBadWritePtr
RaiseException
Beep
GetVersionExA
DeleteFileA
InterlockedExchange
WideCharToMultiByte
VirtualAlloc
GetCurrentThread
ReadFile
InitializeCriticalSection
GetProcessAffinityMask
CreateFileA
GetVolumeInformationW
FindResourceA
GlobalFree
WriteFile
OutputDebugStringW
lstrcpynA
GetSystemTime
EnumResourceTypesW
InterlockedDecrement
Sleep
InterlockedIncrement
LoadLibraryW
GetProcessHeap
SizeofResource
CreateEventA
_llseek
GetProcAddress
GetLastError
EnterCriticalSection
CreateDirectoryA
IsBadReadPtr
GetTempPathW
HeapFree
DeleteCriticalSection
WaitForSingleObject
LoadLibraryA
GetFileAttributesA
lstrcmpA
GetCurrentThreadId
IsDebuggerPresent
GetFileAttributesW
CreateDirectoryW
GetModuleFileNameW
VirtualFree
GlobalLock
WaitForMultipleObjects
SetEnvironmentVariableW
GetLocaleInfoA
ExitProcess
FreeLibrary
lstrcmpiA
SetThreadPriority
GetTickCount
GetCurrentProcess
VirtualProtect
GetACP
CloseHandle
OpenFileMappingA
MultiByteToWideChar
GetThreadPriority
IsDBCSLeadByte
GetCurrentProcessId
GetTempPathA
GlobalReAlloc
CreateThread
VirtualQuery
lstrcpyA
OutputDebugStringA
lstrlenW

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

CryptEncrypt
RegOpenKeyExA
RegQueryInfoKeyA
CryptGetHashParam
CryptHashData
CryptAcquireContextA
RegEnumValueA
RegDeleteValueA
CryptCreateHash
RegEnumKeyExA
CryptReleaseContext
RegCreateKeyExA
CryptDestroyHash
RegQueryValueExA
CryptImportKey
CryptDestroyKey
RegCloseKey
RegSetValueExA
RegDeleteKeyA

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipCreateBitmapFromFile
GdipAlloc
GdipDisposeImage
GdipCloneImage

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2b53594e018f082cbde74f3921bac05

Headers

File Characteristics

Imports

version

ole32

user32

wininet

setupapi

winmm

gdi32

kernel32

shell32

advapi32

gdiplus

shlwapi

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 66KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 248KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 66KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 248KB