17e61701259f2d2b7583643e757cef70_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17e61701259f2d2b7583643e757cef70_JaffaCakes118
Size

173KB
MD5

17e61701259f2d2b7583643e757cef70
SHA1

9920161396ee75417a4c16eb331b18b81b1221ca
SHA256

ba6bda7841c269157d743d5f35537ac3ccdc6df4e4c29040bd72c41d207b4abd
SHA512

e5195aed0c3d921609dcf3d672179ddd4f8274cdabeca01e305123e0adaee655f0a583efb6d10577e93fe7ba96461e804617db955c6543a983fcd733c5aec5f4
SSDEEP

3072:nNl915Gffjkjyz2pCK+bqirahR+2AoL/0RgB7sSk4cgZmtiB0:NlD5KjkjyipfW5rahQ2AO/0RgBoSxcgU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17e61701259f2d2b7583643e757cef70_JaffaCakes118

Files

17e61701259f2d2b7583643e757cef70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21c16bf4b8759f881e70d6e3346b5e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

kernel32

GetLongPathNameW
WideCharToMultiByte
SetFilePointer
GlobalSize
GetFileSize
GlobalFree
LocalFree
CreateFileMappingA
GetProcessHandleCount
MapViewOfFile
LocalAlloc
EnumResourceTypesA
DisableThreadLibraryCalls
CreateFileA
WriteFile
GetFileAttributesA
GetTickCount
ReadFile
GlobalAlloc
Sleep
UnmapViewOfFile
CreateFileW
CloseHandle

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoSetProxyBlanket
BindMoniker
CoUninitialize
OleUninitialize
CreateStreamOnHGlobal
OleInitialize
StgCreateDocfile
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID
CoInitialize
CreateBindCtx
StringFromGUID2
CoTaskMemAlloc
StgOpenStorage
OleLockRunning
CoInitializeSecurity
CreateItemMoniker
GetRunningObjectTable
CoTaskMemRealloc
StgIsStorageFile
CoGetClassObject
CLSIDFromString

user32

DispatchMessageA
InvalidateRect
ReleaseDC
UnregisterClassA
GetClassInfoExA
DrawTextA
GetActiveWindow
GetFocus
PostMessageA
DefWindowProcA
GetDesktopWindow
GetSysColor
SetWindowLongA
GetWindowTextLengthA
CopyRect
FillRect
SetFocus
SetCapture
RegisterClassExA
GetClientRect
GetWindow
KillTimer
CreateAcceleratorTableA
ReleaseCapture
IsChild
GetDlgItem
CallWindowProcA
LoadCursorA
GetDC
SendMessageTimeoutA
SendMessageA
CharNextA
SetWindowTextA
InvalidateRgn
RedrawWindow
MoveWindow
SetRect
PeekMessageA
CreateDialogParamA
EnumDisplayDevicesA
DestroyAcceleratorTable
FindWindowA
GetParent
wvsprintfA
EndPaint
GetWindowLongA
SetParent
SetTimer
EqualRect
GetWindowTextA
GetClassNameA
RegisterWindowMessageA
IsWindow
MsgWaitForMultipleObjects
CreateWindowExA
PostThreadMessageA
ShowWindow
DestroyWindow
GetWindowRect
GetQueueStatus
BeginPaint
wsprintfA
SendNotifyMessageA
SetWindowPos

advapi32

RegQueryValueExA
RegDeleteValueA
CryptGetHashParam
CryptHashData
RegQueryInfoKeyA
RegSetValueExA
CryptReleaseContext
CryptDestroyKey
RegEnumKeyExA
CryptImportKey
CryptCreateHash
CryptEncrypt
RegCloseKey
RegEnumValueA
RegCreateKeyExA
CryptAcquireContextA
CryptDestroyHash
RegOpenKeyExA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

gdi32

SetStretchBltMode
CreateCompatibleDC
CreateDIBSection
CreateSolidBrush
DeleteDC
ExtEscape
CreateCompatibleBitmap
GetDIBits
GetDeviceCaps
CreateFontA
GetObjectA
RealizePalette
DeleteObject
BitBlt
SelectObject
SelectPalette
CreateDIBitmap
GetStockObject
StretchDIBits
SetBkMode

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c16bf4b8759f881e70d6e3346b5e9c

Headers

File Characteristics

Imports

shlwapi

kernel32

setupapi

ole32

user32

advapi32

shell32

wininet

gdi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 88KB