163944cc241d92a6fc32ebb275edb223_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

163944cc241d92a6fc32ebb275edb223_JaffaCakes118
Size

169KB
MD5

163944cc241d92a6fc32ebb275edb223
SHA1

b0578fbf2bd4c128939e6f34bc8cdbe448a7f3fe
SHA256

9139892d29b6b8e21632c569973b22326aabdef8266935d5a9ab06492d3bfc26
SHA512

f45670dd0c49d85fa46f158df90812d49a10850759e812155471b11325a2017e11ee5a519b4056f50a517db1a90bad97699f6d3f13c5efb31686c80bd06a97e4
SSDEEP

3072:9oOjPtSZlU7D+FLuzFLzkBx9xE5uefNvC18CppiYTNXP/F9:9oCVSLU7KFSzFLYg5FdU8CjiYTxP/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
163944cc241d92a6fc32ebb275edb223_JaffaCakes118

Files

163944cc241d92a6fc32ebb275edb223_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e271f9c52bce7cd629d5ba59360eb57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

shlwapi

PathFileExistsW
PathCombineW

kernel32

WideCharToMultiByte
GetShortPathNameW
MapViewOfFile
GlobalFree
SetFilePointer
GlobalSize
CreateFileW
GetProcessAffinityMask
LocalFree
DisableThreadLibraryCalls
GetFileSize
EnumResourceTypesW
GlobalAlloc
CreateFileMappingA
GetTickCount
UnmapViewOfFile
Sleep
GetFileAttributesA
ReadFile
CreateFileA
WriteFile
LocalAlloc
CloseHandle

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoInitializeSecurity
CreateItemMoniker
CoSetProxyBlanket
CoGetClassObject
CoUninitialize
BindMoniker
CoTaskMemAlloc
CLSIDFromProgID
StgOpenStorage
CoInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
StgIsStorageFile
StringFromGUID2
OleInitialize
GetRunningObjectTable
StgCreateDocfile
CoCreateInstance
OleLockRunning
OleUninitialize
CreateBindCtx
CLSIDFromString

gdi32

DeleteObject
SelectObject
DeleteDC
CreateCompatibleBitmap
GetDIBits
CreateSolidBrush
SelectPalette
ExtEscape
RealizePalette
CreateCompatibleDC
SetStretchBltMode
GetStockObject
StretchDIBits
CreateDIBitmap
CreateFontA
GetDeviceCaps
BitBlt
GetObjectA
CreateDIBSection
SetBkMode

user32

EqualRect
ReleaseDC
EnumDisplayDevicesA
IsWindow
wvsprintfA
GetClientRect
GetClassInfoExA
GetWindowLongA
MoveWindow
EndPaint
GetQueueStatus
BeginPaint
wsprintfA
CreateDialogParamA
SetRect
GetWindowRect
GetParent
RegisterClassExA
GetActiveWindow
CallWindowProcA
SetParent
GetSysColor
SetFocus
SendNotifyMessageA
CreateWindowExA
FindWindowA
DrawTextA
MsgWaitForMultipleObjects
IsChild
GetDesktopWindow
GetWindowTextA
SetWindowLongA
UnregisterClassA
RedrawWindow
DestroyWindow
GetWindowTextLengthA
FillRect
DestroyAcceleratorTable
KillTimer
GetDC
InvalidateRect
GetDlgItem
SetTimer
RegisterWindowMessageA
CopyRect
GetClassNameA
SendMessageTimeoutA
InvalidateRgn
GetFocus
SendMessageA
SetWindowTextA
LoadCursorA
PeekMessageA
GetWindow
PostThreadMessageA
SetCapture
CharNextA
ReleaseCapture
DispatchMessageA
DefWindowProcA
CreateAcceleratorTableA
PostMessageA
ShowWindow
SetWindowPos

advapi32

RegCreateKeyExA
CryptEncrypt
CryptImportKey
RegEnumKeyExA
CryptAcquireContextA
RegQueryValueExA
RegSetValueExA
CryptHashData
RegQueryInfoKeyA
CryptReleaseContext
CryptCreateHash
RegOpenKeyExA
CryptDestroyHash
RegDeleteValueA
RegEnumValueA
RegCloseKey
CryptGetHashParam
CryptDestroyKey
RegDeleteKeyA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipCreateBitmapFromFileICM
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneImage

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e271f9c52bce7cd629d5ba59360eb57

Headers

File Characteristics

Imports

shell32

winmm

shlwapi

kernel32

version

setupapi

ole32

gdi32

user32

advapi32

wininet

gdiplus

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 96KB