f0b9ae2cad85f486c3c970094f59717e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0b9ae2cad85f486c3c970094f59717e_JaffaCakes118
Size

185KB
MD5

f0b9ae2cad85f486c3c970094f59717e
SHA1

e72eb2a32cef73654ba48f5fae0d7b370a1288c6
SHA256

9b2a2e1f9016286d14da4359e3e3cf8f11633b7e465953ca574ae286f7bfe248
SHA512

0cd56eed10e6e874f7d3ee64e9564dd5e7de7eefd3074dc08ce3742163a8b5f40f3377f244d4c0d5389465aa708817e9a073fb9acf55a9cdb4663f306a61d9db
SSDEEP

3072:Q72dJqx0hk/SrSYiZUWAlh38y2sbWQmuybHSXJW3x98tUJ:QizqxJmSYiZUWmh38zsqQmFJ98tUJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0b9ae2cad85f486c3c970094f59717e_JaffaCakes118

Files

f0b9ae2cad85f486c3c970094f59717e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

516e41d98a13fe026f0d36689df1fbf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptImportKey
CryptHashData
CryptCreateHash
RegCloseKey
RegQueryValueExA
CryptGetHashParam
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
CryptDestroyKey
CryptEncrypt
RegSetValueExA
CryptDestroyHash
RegCreateKeyExA
RegDeleteValueA
CryptReleaseContext
CryptAcquireContextA
RegDeleteKeyA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

GetLongPathNameW
CreateFileW
CreateFileA
DisableThreadLibraryCalls
LocalFree
GetTickCount
SetFilePointer
GetProcessHandleCount
Sleep
CreateFileMappingA
ReadFile
GetFileSize
GlobalFree
EnumResourceTypesA
GlobalSize
GetFileAttributesA
WriteFile
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
LocalAlloc
GlobalAlloc
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

SetFocus
GetWindowTextA
GetDlgItem
GetWindowLongA
EndPaint
ReleaseCapture
DefWindowProcA
LoadCursorA
SetCapture
CreateAcceleratorTableA
FillRect
RegisterWindowMessageA
RegisterClassExA
GetWindow
GetFocus
KillTimer
IsWindow
GetSysColor
CharNextA
IsChild
MsgWaitForMultipleObjects
wsprintfA
BeginPaint
GetQueueStatus
ShowWindow
SendMessageTimeoutA
EnumDisplayDevicesA
PostMessageA
GetClassInfoExA
SendNotifyMessageA
FindWindowA
InvalidateRect
EqualRect
GetWindowTextLengthA
SetRect
SetWindowTextA
SetWindowLongA
GetActiveWindow
GetClientRect
wvsprintfA
RedrawWindow
DrawTextA
UnregisterClassA
GetWindowRect
GetParent
GetDesktopWindow
DispatchMessageA
SetTimer
GetClassNameA
ReleaseDC
DestroyAcceleratorTable
PeekMessageA
CreateDialogParamA
CopyRect
CallWindowProcA
GetDC
InvalidateRgn
SendMessageA
PostThreadMessageA
MoveWindow
CreateWindowExA
SetParent
DestroyWindow
SetWindowPos

gdi32

DeleteDC
CreateCompatibleBitmap
SelectPalette
GetStockObject
SetStretchBltMode
GetDIBits
CreateFontA
BitBlt
DeleteObject
CreateCompatibleDC
ExtEscape
CreateDIBitmap
CreateDIBSection
RealizePalette
SelectObject
StretchDIBits
CreateSolidBrush
GetDeviceCaps
GetObjectA
SetBkMode

shlwapi

PathFileExistsW
PathCombineW

ole32

BindMoniker
StgOpenStorage
CreateItemMoniker
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
OleInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
StgCreateDocfile
CoTaskMemRealloc
OleUninitialize
GetRunningObjectTable
StgIsStorageFile
CoInitializeSecurity
CLSIDFromProgID
CoInitialize
CoSetProxyBlanket
CreateBindCtx
CoTaskMemAlloc
CLSIDFromString

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

516e41d98a13fe026f0d36689df1fbf7

Headers

File Characteristics

Imports

advapi32

wininet

setupapi

kernel32

shell32

user32

gdi32

shlwapi

ole32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 74KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 74KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 368KB