09697799cbdd26226c2d4f367cc5fd54_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

09697799cbdd26226c2d4f367cc5fd54_JaffaCakes118
Size

176KB
MD5

09697799cbdd26226c2d4f367cc5fd54
SHA1

47413b49443206324997d71f041a3ea546ff273c
SHA256

c9fdc8b167ddb71aeddb0ab14a1b306cf718dcc555790405de07042022ed0bee
SHA512

ea51d42fb7287e9cb4fae1664e56a3b393bf525c05ee5fe92db03cfe29d266a1380b6511c5f7b0367dae8b2aef17aeb839dc4f928db3d233035174d5b846f475
SSDEEP

3072:GU24P5Gzfryl54BbfsHFgathgdw1k0p79qnDHQ7JxlqgAx+PBsqdavj1HE1mX4wj:GU3Gzfryl5Eaga/gr0ppXnwgdzdSjdE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09697799cbdd26226c2d4f367cc5fd54_JaffaCakes118

Files

09697799cbdd26226c2d4f367cc5fd54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55515f69b63a4d6a95d2ef9712629446

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FillRect
ReleaseCapture
DrawTextA
DestroyWindow
PeekMessageA
GetSysColor
CreateAcceleratorTableA
ReleaseDC
SetParent
GetWindowTextLengthA
SetRect
InvalidateRect
IsWindow
SendMessageTimeoutA
PostMessageA
SendNotifyMessageA
GetWindow
KillTimer
PostThreadMessageA
IsChild
CallWindowProcA
EndPaint
BeginPaint
GetActiveWindow
FindWindowA
SendMessageA
SetWindowLongA
CreateWindowExA
GetQueueStatus
GetWindowLongA
CharNextA
MoveWindow
SetCapture
ShowWindow
CopyRect
CreateDialogParamA
GetDC
GetDesktopWindow
DefWindowProcA
GetClassInfoExA
wvsprintfA
DispatchMessageA
DestroyAcceleratorTable
InvalidateRgn
GetParent
RegisterClassExA
SetWindowTextA
EnumDisplayDevicesA
GetDlgItem
GetClientRect
wsprintfA
SetFocus
RegisterWindowMessageA
SetTimer
GetFocus
GetWindowRect
RedrawWindow
GetWindowTextA
EqualRect
UnregisterClassA
MsgWaitForMultipleObjects
GetClassNameA
LoadCursorA
SetWindowPos

advapi32

CryptImportKey
RegDeleteValueA
CryptEncrypt
RegQueryInfoKeyA
RegCloseKey
RegSetValueExA
RegEnumKeyExA
CryptDestroyKey
CryptGetHashParam
RegOpenKeyExA
CryptHashData
RegCreateKeyExA
RegEnumValueA
RegQueryValueExA
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptDestroyHash
RegDeleteKeyA

winmm

timeGetTime
timeSetEvent

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

kernel32

Sleep
CreateFileW
GetShortPathNameW
UnmapViewOfFile
WriteFile
GetProcessId
GlobalFree
GetTickCount
GetFileSize
DisableThreadLibraryCalls
EnumResourceTypesA
CreateFileA
WideCharToMultiByte
GlobalAlloc
MapViewOfFile
GetFileAttributesA
CreateFileMappingA
SetFilePointer
LocalAlloc
LocalFree
ReadFile
GlobalSize
CloseHandle

gdi32

DeleteObject
GetDeviceCaps
GetStockObject
GetObjectA
StretchDIBits
SelectPalette
DeleteDC
GetDIBits
CreateCompatibleBitmap
SetStretchBltMode
CreateFontA
CreateSolidBrush
SelectObject
CreateDIBSection
BitBlt
CreateCompatibleDC
ExtEscape
RealizePalette
CreateDIBitmap
SetBkMode

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

StringFromGUID2
OleLockRunning
CoCreateInstance
StgCreateDocfile
CoUninitialize
CreateItemMoniker
CreateBindCtx
OleUninitialize
StgOpenStorage
BindMoniker
OleInitialize
StgIsStorageFile
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoInitializeSecurity
CLSIDFromProgID
CreateStreamOnHGlobal
GetRunningObjectTable
CoTaskMemAlloc
CoSetProxyBlanket
CoGetClassObject
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55515f69b63a4d6a95d2ef9712629446

Headers

File Characteristics

Imports

user32

advapi32

winmm

gdiplus

shell32

kernel32

gdi32

version

setupapi

ole32

shlwapi

wininet

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 92KB