2f5c9fe9c6f62f68e28f5d218d18f491_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f5c9fe9c6f62f68e28f5d218d18f491_JaffaCakes118
Size

186KB
MD5

2f5c9fe9c6f62f68e28f5d218d18f491
SHA1

5940187a9cc033df85b29e9de9127b3996419e29
SHA256

cbe619fcd7e4cfd670e5c24c589dfa91fb4dbb4aaec202655c684c3ea3d03e9d
SHA512

261a8524db166be87c588ba95a6b0a4e4522518de0e280908ca4e74d8485f2c76f0a81d6a168a640ad3ee668eb93bd4e7a4f63d60eafc355531fbcb6f5e24e5f
SSDEEP

3072:ce6Up+RkaEAG7dQYOlgjZT5Ur8LDm9WmjMivEqW1/HSPqGn7XQ6ChX:cRRx9lgv5m3vFW1PSFn7XQ6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f5c9fe9c6f62f68e28f5d218d18f491_JaffaCakes118

Files

2f5c9fe9c6f62f68e28f5d218d18f491_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7c102ad572e739b8d8104b7c11e9322

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

gdiplus

GdipFree
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

user32

DispatchMessageA
ReleaseDC
LoadCursorA
RegisterClassExA
GetClientRect
SendMessageTimeoutA
GetDlgItem
ReleaseCapture
MoveWindow
SetRect
EnumDisplayDevicesA
InvalidateRect
GetWindowTextLengthA
GetDesktopWindow
SetParent
RedrawWindow
DestroyWindow
CreateWindowExA
RegisterWindowMessageA
SetWindowLongA
MsgWaitForMultipleObjects
DrawTextA
ShowWindow
GetWindowRect
IsChild
CharNextA
DefWindowProcA
SendMessageA
wsprintfA
EndPaint
CopyRect
EqualRect
GetClassInfoExA
GetFocus
GetSysColor
FindWindowA
GetWindowTextA
CallWindowProcA
PeekMessageA
wvsprintfA
GetWindow
GetParent
GetActiveWindow
InvalidateRgn
UnregisterClassA
GetClassNameA
IsWindow
KillTimer
SetCapture
CreateAcceleratorTableA
SetFocus
SetTimer
BeginPaint
PostThreadMessageA
GetWindowLongA
PostMessageA
GetQueueStatus
CreateDialogParamA
SendNotifyMessageA
SetWindowTextA
DestroyAcceleratorTable
GetDC
FillRect
SetWindowPos

kernel32

MapViewOfFile
LocalFree
GetShortPathNameW
ReadFile
LocalAlloc
GlobalFree
GetProcessAffinityMask
CreateFileMappingA
GetTickCount
DisableThreadLibraryCalls
EnumResourceTypesA
GlobalAlloc
SetFilePointer
GetFileSize
WideCharToMultiByte
GetFileAttributesA
WriteFile
UnmapViewOfFile
Sleep
CreateFileW
CreateFileA
GlobalSize
CloseHandle

winmm

timeGetTime
timeSetEvent

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

CryptAcquireContextA
RegDeleteValueA
RegEnumValueA
CryptCreateHash
CryptImportKey
CryptGetHashParam
CryptDestroyHash
RegCreateKeyExA
RegEnumKeyExA
CryptDestroyKey
CryptReleaseContext
CryptEncrypt
RegSetValueExA
RegOpenKeyExA
CryptHashData
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
RegDeleteKeyA

gdi32

GetObjectA
BitBlt
CreateCompatibleBitmap
DeleteDC
ExtEscape
SelectPalette
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateDIBitmap
StretchDIBits
GetStockObject
SelectObject
RealizePalette
CreateDIBSection
CreateFontA
SetStretchBltMode
GetDeviceCaps
GetDIBits
SetBkMode

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

ole32

OleInitialize
StgCreateDocfile
CreateStreamOnHGlobal
CoInitialize
StgOpenStorage
CoTaskMemRealloc
CoGetClassObject
CreateItemMoniker
StringFromGUID2
StgIsStorageFile
BindMoniker
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoSetProxyBlanket
CoTaskMemFree
CreateBindCtx
OleLockRunning
OleUninitialize
CoInitializeSecurity
GetRunningObjectTable
CoUninitialize
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c102ad572e739b8d8104b7c11e9322

Headers

File Characteristics

Imports

setupapi

gdiplus

user32

kernel32

winmm

version

shell32

advapi32

gdi32

wininet

ole32

shlwapi

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 368KB