5e2ddc8e2fc67dc4e5866deba02ada02_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5e2ddc8e2fc67dc4e5866deba02ada02_JaffaCakes118
Size

167KB
MD5

5e2ddc8e2fc67dc4e5866deba02ada02
SHA1

4757d715fe2ed16591bf0bbe67f968ee79559d02
SHA256

3a4daab3dc1bbba40f505d1e656bcc810ef53bb5d3a25f54f309fede416b59ae
SHA512

0c9b33b0dc3a5a3074957647319d9722b6f8d0dc849337e307f8daf4a5ab9dd7de24269596fe104ab928fb4f96e60c506aa2bb8a4ebe2a38268ab1f4368317d4
SSDEEP

3072:+3Fr0GJAhX+8IwPio/PYWmnBxT/dm4/aT6xRWCxhh/9:+OTX+KAFdTaT6x0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2ddc8e2fc67dc4e5866deba02ada02_JaffaCakes118

Files

5e2ddc8e2fc67dc4e5866deba02ada02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f088c13131ea446a626d06427360d77b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisableThreadLibraryCalls
GetTickCount
GetShortPathNameW
LocalFree
GlobalAlloc
UnmapViewOfFile
GetProcessAffinityMask
MapViewOfFile
SetFilePointer
CreateFileA
Sleep
LocalAlloc
GetFileSize
EnumResourceTypesW
GetFileAttributesA
CreateFileW
CreateFileMappingA
WriteFile
WideCharToMultiByte
GlobalSize
ReadFile
GlobalFree
CloseHandle

winmm

timeGetTime
timeSetEvent

gdi32

SetStretchBltMode
GetObjectA
DeleteObject
StretchDIBits
CreateCompatibleBitmap
BitBlt
GetStockObject
RealizePalette
DeleteDC
CreateDIBSection
CreateDIBitmap
SelectObject
ExtEscape
CreateFontA
GetDIBits
GetDeviceCaps
SelectPalette
CreateCompatibleDC
CreateSolidBrush
SetBkMode

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipAlloc
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipFree
GdipCloneImage

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

user32

ReleaseDC
DefWindowProcA
CharNextA
GetWindow
FindWindowA
SetWindowLongA
GetDlgItem
InvalidateRgn
InvalidateRect
GetWindowRect
SendNotifyMessageA
DestroyAcceleratorTable
wsprintfA
GetClassNameA
CallWindowProcA
GetWindowTextA
IsChild
MoveWindow
ShowWindow
wvsprintfA
SetRect
PostThreadMessageA
UnregisterClassA
SetFocus
GetDC
CreateAcceleratorTableA
GetDesktopWindow
GetClassInfoExA
SetParent
SetTimer
RegisterWindowMessageA
CopyRect
GetWindowTextLengthA
SetWindowTextA
SetCapture
RedrawWindow
KillTimer
SendMessageA
EnumDisplayDevicesA
IsWindow
FillRect
PostMessageA
ReleaseCapture
DispatchMessageA
BeginPaint
CreateWindowExA
DestroyWindow
GetQueueStatus
PeekMessageA
MsgWaitForMultipleObjects
GetActiveWindow
LoadCursorA
RegisterClassExA
GetFocus
GetClientRect
DrawTextA
EndPaint
GetSysColor
EqualRect
GetWindowLongA
SendMessageTimeoutA
CreateDialogParamA
GetParent
SetWindowPos

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoSetProxyBlanket
GetRunningObjectTable
CoInitializeSecurity
OleLockRunning
StgOpenStorage
BindMoniker
CreateBindCtx
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoInitialize
StgIsStorageFile
CoTaskMemRealloc
CoUninitialize
StringFromGUID2
CoGetClassObject
StgCreateDocfile
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CreateItemMoniker
CoCreateInstance
CLSIDFromString

advapi32

RegCreateKeyExA
RegDeleteValueA
CryptImportKey
RegEnumValueA
RegCloseKey
CryptReleaseContext
CryptCreateHash
RegQueryInfoKeyA
RegEnumKeyExA
CryptGetHashParam
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
CryptAcquireContextA
CryptEncrypt
CryptHashData
CryptDestroyHash
CryptDestroyKey
RegDeleteKeyA

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f088c13131ea446a626d06427360d77b

Headers

File Characteristics

Imports

kernel32

winmm

gdi32

wininet

gdiplus

version

setupapi

shlwapi

user32

shell32

ole32

advapi32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 61KB - Virtual size: 61KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 61KB - Virtual size: 61KB

.tls
Size: 1024B - Virtual size: 96KB