2f2bf85b3259faf11167244e82862d60_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f2bf85b3259faf11167244e82862d60_JaffaCakes118
Size

182KB
MD5

2f2bf85b3259faf11167244e82862d60
SHA1

33a42995ce838a5f59eae026ccb13aedf37db258
SHA256

c8782b9358a927b83236d3345b17683fbbc177c41a1b712e407f74f543bd0e96
SHA512

883a669c88a8a112e154b13946d017ec3e265feef694f4192f087f88ec6cce8384a38ecacad1e00632e7e5757de5316b70cc29356a12a80313d3238d15642749
SSDEEP

3072:pctXp7x/5tyIwcQOorf/f/SUvkXzH3xO0baV+PuWGLUC/xTurBD2:p2LzQhrnfa9g0baVTWi/x6r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f2bf85b3259faf11167244e82862d60_JaffaCakes118

Files

2f2bf85b3259faf11167244e82862d60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b33869ad531589f5a44d08d27fafed7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

user32

RegisterWindowMessageA
GetWindow
PeekMessageA
DispatchMessageA
CopyRect
ReleaseCapture
PostMessageA
InvalidateRect
SetRect
wvsprintfA
SetParent
SetFocus
GetWindowLongA
CreateAcceleratorTableA
GetWindowTextLengthA
wsprintfA
GetWindowRect
SetCapture
DefWindowProcA
GetClientRect
FillRect
IsWindow
InvalidateRgn
GetDlgItem
SetTimer
BeginPaint
SendMessageA
DestroyAcceleratorTable
CreateDialogParamA
UnregisterClassA
MsgWaitForMultipleObjects
GetClassInfoExA
CreateWindowExA
GetClassNameA
GetWindowTextA
ShowWindow
KillTimer
EnumDisplayDevicesA
SendMessageTimeoutA
GetDesktopWindow
DestroyWindow
LoadCursorA
EqualRect
RedrawWindow
SetWindowLongA
ReleaseDC
GetQueueStatus
CallWindowProcA
DrawTextA
FindWindowA
MoveWindow
EndPaint
GetSysColor
SetWindowTextA
GetActiveWindow
GetFocus
IsChild
RegisterClassExA
SendNotifyMessageA
CharNextA
GetParent
PostThreadMessageA
GetDC
SetWindowPos

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

OleLockRunning
StgCreateDocfile
CreateStreamOnHGlobal
CoTaskMemFree
StgIsStorageFile
CoSetProxyBlanket
BindMoniker
OleInitialize
StringFromGUID2
CoTaskMemRealloc
CreateItemMoniker
CoTaskMemAlloc
StgOpenStorage
CoGetClassObject
CreateBindCtx
OleUninitialize
CoCreateInstance
CoUninitialize
CoInitialize
GetRunningObjectTable
CoInitializeSecurity
CLSIDFromProgID
CLSIDFromString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

gdiplus

GdipGetImagePixelFormat
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

CreateFileA
UnmapViewOfFile
GetShortPathNameW
GetFileSize
Sleep
GetTickCount
MapViewOfFile
CreateFileMappingA
GetProcessId
WriteFile
SetFilePointer
EnumResourceTypesA
GlobalSize
GlobalFree
DisableThreadLibraryCalls
GetFileAttributesA
LocalAlloc
ReadFile
CreateFileW
GlobalAlloc
LocalFree
WideCharToMultiByte
CloseHandle

winmm

timeGetTime
timeSetEvent

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
CryptDestroyHash
CryptGetHashParam
CryptEncrypt
RegEnumValueA
CryptAcquireContextA
RegEnumKeyExA
RegDeleteValueA
CryptReleaseContext
CryptDestroyKey
RegQueryInfoKeyA
CryptCreateHash
RegCloseKey
CryptHashData
CryptImportKey
RegDeleteKeyA

gdi32

GetDIBits
SelectPalette
StretchDIBits
CreateDIBSection
GetStockObject
CreateCompatibleDC
SetStretchBltMode
CreateDIBitmap
CreateSolidBrush
SelectObject
CreateFontA
ExtEscape
DeleteObject
CreateCompatibleBitmap
DeleteDC
BitBlt
GetDeviceCaps
GetObjectA
RealizePalette
SetBkMode

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b33869ad531589f5a44d08d27fafed7

Headers

File Characteristics

Imports

shlwapi

user32

shell32

ole32

version

gdiplus

setupapi

kernel32

winmm

advapi32

gdi32

wininet

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 240KB