4c15fb433edafd495baaaf70283584e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4c15fb433edafd495baaaf70283584e1_JaffaCakes118
Size

167KB
MD5

4c15fb433edafd495baaaf70283584e1
SHA1

d0c15ae1f0d299f8d82fad3f8eac289083f96edc
SHA256

2e4f384a3e7797e1c5a75cd634bb177200eae21f93e93162dda9056fb8eb029e
SHA512

4c5b045f5b11121a34163af5d361965571f9bd97aec09f545ed2984380e45c660024ddd632a2ae851f0272a37effad0dd5901240539f7925f8019021634b22c7
SSDEEP

3072:w4ZF3nu4vCpgQHzFndHdLDJJUnDtx7NB2tRGeq7qCuGxPNgd:Zn3Pov5dHd/Jex7NeTq7qCueO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c15fb433edafd495baaaf70283584e1_JaffaCakes118

Files

4c15fb433edafd495baaaf70283584e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f27eb3ae11c8b6f0950f9815840831a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

ole32

CLSIDFromProgID
CoSetProxyBlanket
StgCreateDocfile
OleLockRunning
GetRunningObjectTable
CoGetClassObject
CreateItemMoniker
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
OleUninitialize
StgOpenStorage
CreateStreamOnHGlobal
OleInitialize
StgIsStorageFile
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CreateBindCtx
CoInitialize
CoTaskMemRealloc
BindMoniker
CLSIDFromString

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

user32

DispatchMessageA
GetWindowRect
GetFocus
PostMessageA
GetDC
GetSysColor
LoadCursorA
ReleaseCapture
UnregisterClassA
GetClientRect
DrawTextA
DestroyAcceleratorTable
ReleaseDC
SendMessageTimeoutA
SetCapture
RegisterClassExA
SendNotifyMessageA
SetTimer
MoveWindow
GetQueueStatus
wvsprintfA
MsgWaitForMultipleObjects
InvalidateRect
RegisterWindowMessageA
PeekMessageA
FindWindowA
RedrawWindow
SetWindowLongA
CreateWindowExA
DestroyWindow
BeginPaint
GetParent
EnumDisplayDevicesA
SetWindowTextA
SetParent
CopyRect
GetActiveWindow
IsWindow
CallWindowProcA
GetWindowLongA
GetWindow
GetDesktopWindow
IsChild
EqualRect
ShowWindow
GetWindowTextA
PostThreadMessageA
GetDlgItem
CreateDialogParamA
KillTimer
wsprintfA
SendMessageA
CharNextA
SetFocus
GetClassNameA
InvalidateRgn
EndPaint
GetWindowTextLengthA
GetClassInfoExA
DefWindowProcA
SetRect
CreateAcceleratorTableA
FillRect
SetWindowPos

gdi32

CreateSolidBrush
CreateDIBitmap
CreateCompatibleBitmap
GetObjectA
SelectPalette
DeleteObject
SetStretchBltMode
StretchDIBits
CreateFontA
GetDeviceCaps
BitBlt
CreateDIBSection
GetDIBits
CreateCompatibleDC
RealizePalette
DeleteDC
ExtEscape
SelectObject
GetStockObject
SetBkMode

kernel32

GetShortPathNameW
ReadFile
WideCharToMultiByte
CreateFileMappingA
GlobalAlloc
GetTickCount
DisableThreadLibraryCalls
GetProcessAffinityMask
CreateFileA
GlobalSize
SetFilePointer
WriteFile
EnumResourceTypesW
UnmapViewOfFile
LocalAlloc
GlobalFree
GetFileAttributesA
Sleep
GetFileSize
MapViewOfFile
LocalFree
CreateFileW
CloseHandle

advapi32

RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
CryptCreateHash
CryptDestroyKey
CryptEncrypt
CryptReleaseContext
CryptHashData
CryptImportKey
CryptDestroyHash
CryptGetHashParam
RegDeleteValueA
RegDeleteKeyA

gdiplus

GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f27eb3ae11c8b6f0950f9815840831a

Headers

File Characteristics

Imports

shlwapi

setupapi

ole32

wininet

winmm

user32

gdi32

kernel32

advapi32

gdiplus

shell32

version

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 63KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 63KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 96KB