632fc4b7b8d2fde72c0e2286a90e9109_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

632fc4b7b8d2fde72c0e2286a90e9109_JaffaCakes118
Size

186KB
MD5

632fc4b7b8d2fde72c0e2286a90e9109
SHA1

6481b76e28aa98e4bfd22aecbd9f793b52a461cc
SHA256

4953ec2e9a15ad71bbf77758cf793f55a469f7e2abda785310f9345149230969
SHA512

79f250faf35bb51dca84b604e473c797794b0521d07025cd563809535c32dec3815eb81cbfa278448c806006240025acdfd96e69a4a2b28b74cb045f6bc87e44
SSDEEP

3072:gxPQ79wi1J0qv0Ws/JL8DtfaVM41qvoPDnDCmGfDrylkE2LqkGI5HxJvfvZ6JP8m:gbi1OqO8ZaVR1Z+DmAP5HIt8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
632fc4b7b8d2fde72c0e2286a90e9109_JaffaCakes118

Files

632fc4b7b8d2fde72c0e2286a90e9109_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80c82c57c5ab67097bda2c3bcd3fa43f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetRunningObjectTable
CoInitializeSecurity
BindMoniker
OleInitialize
OleLockRunning
CoSetProxyBlanket
CreateStreamOnHGlobal
StgIsStorageFile
CoTaskMemAlloc
CreateBindCtx
OleUninitialize
CoUninitialize
CreateItemMoniker
StgCreateDocfile
CoTaskMemFree
CoGetClassObject
CoInitialize
CoCreateInstance
StringFromGUID2
CLSIDFromProgID
CoTaskMemRealloc
StgOpenStorage
CLSIDFromString

winmm

timeGetTime
timeSetEvent

gdi32

CreateCompatibleBitmap
DeleteObject
GetDIBits
CreateDIBitmap
SelectPalette
RealizePalette
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt
GetDeviceCaps
GetStockObject
CreateSolidBrush
ExtEscape
SetStretchBltMode
CreateDIBSection
StretchDIBits
CreateFontA
GetObjectA
SetBkMode

advapi32

RegQueryValueExA
CryptDestroyHash
CryptHashData
CryptEncrypt
CryptCreateHash
RegOpenKeyExA
RegEnumValueA
RegCloseKey
CryptAcquireContextA
RegSetValueExA
RegQueryInfoKeyA
RegCreateKeyExA
CryptReleaseContext
CryptImportKey
RegDeleteValueA
CryptDestroyKey
RegEnumKeyExA
CryptGetHashParam
RegDeleteKeyA

user32

SetParent
ShowWindow
GetWindow
GetWindowTextA
SetWindowTextA
EqualRect
LoadCursorA
wvsprintfA
RedrawWindow
GetSysColor
SetRect
EndPaint
GetDlgItem
MoveWindow
PostThreadMessageA
SetCapture
GetWindowLongA
BeginPaint
CreateDialogParamA
GetActiveWindow
SendNotifyMessageA
RegisterClassExA
GetWindowRect
SendMessageTimeoutA
GetClientRect
SetTimer
ReleaseDC
GetWindowTextLengthA
DefWindowProcA
SetFocus
DestroyAcceleratorTable
CopyRect
GetClassInfoExA
InvalidateRect
RegisterWindowMessageA
MsgWaitForMultipleObjects
PostMessageA
InvalidateRgn
CallWindowProcA
FindWindowA
CharNextA
CreateAcceleratorTableA
PeekMessageA
GetDesktopWindow
GetParent
EnumDisplayDevicesA
ReleaseCapture
GetDC
DispatchMessageA
UnregisterClassA
GetClassNameA
FillRect
wsprintfA
GetQueueStatus
SetWindowLongA
DrawTextA
SendMessageA
DestroyWindow
KillTimer
IsChild
IsWindow
CreateWindowExA
GetFocus
SetWindowPos

gdiplus

GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipAlloc
GdipDisposeImage
GdipFree
GdipCreateBitmapFromFileICM
GdipCloneImage

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

kernel32

WriteFile
GetShortPathNameW
DisableThreadLibraryCalls
GlobalSize
CreateFileW
ReadFile
CreateFileA
GetProcessAffinityMask
SetFilePointer
CreateFileMappingA
GetTickCount
MapViewOfFile
EnumResourceTypesA
GlobalAlloc
Sleep
GetFileAttributesA
WideCharToMultiByte
GetFileSize
GlobalFree
UnmapViewOfFile
LocalAlloc
LocalFree
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80c82c57c5ab67097bda2c3bcd3fa43f

Headers

File Characteristics

Imports

ole32

winmm

gdi32

advapi32

user32

gdiplus

setupapi

version

kernel32

shlwapi

wininet

shell32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 236KB