66d4e1dc0679ea2025325e4007589092_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66d4e1dc0679ea2025325e4007589092_JaffaCakes118
Size

172KB
MD5

66d4e1dc0679ea2025325e4007589092
SHA1

088798f9708f70ad3de88366a9fa8424dd90e311
SHA256

b65d1433f92e2e19b886550d378172818ecd396a72ac87378b5e6456dffe15f3
SHA512

1b484ea1857a18c85c707e884da31cf6acf1c82f31aee1ca2505682b5bd23be6d2641838eeeca3222a1a2d059613a449b6f17206e6e2393164e84f3b723f6af4
SSDEEP

3072:lwfUpnHbZwSpkdkOWZe2o9f8PyVOFosjzzhwuhO1A01JP7hlne:lwcOFOZe2od8PyVOF/j09Thlne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66d4e1dc0679ea2025325e4007589092_JaffaCakes118

Files

66d4e1dc0679ea2025325e4007589092_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c421afaeed0926f7654c28968c36467

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

advapi32

RegCreateKeyExA
CryptDestroyKey
CryptImportKey
CryptHashData
RegQueryValueExA
CryptGetHashParam
CryptDestroyHash
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
CryptCreateHash
RegDeleteValueA
CryptReleaseContext
CryptEncrypt
RegEnumValueA
RegSetValueExA
CryptAcquireContextA
RegQueryInfoKeyA
RegDeleteKeyA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

gdi32

CreateSolidBrush
SelectObject
SelectPalette
SetStretchBltMode
GetDIBits
RealizePalette
StretchDIBits
BitBlt
CreateCompatibleDC
ExtEscape
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetObjectA
GetDeviceCaps
GetStockObject
CreateDIBitmap
DeleteObject
CreateFontA
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

ReleaseDC
GetWindowTextLengthA
GetWindowRect
GetWindow
BeginPaint
KillTimer
GetClassNameA
GetQueueStatus
PostThreadMessageA
SetFocus
GetDC
GetClassInfoExA
CopyRect
EqualRect
GetClientRect
SendMessageA
IsWindow
CreateAcceleratorTableA
EnumDisplayDevicesA
SetWindowTextA
wvsprintfA
GetWindowLongA
RedrawWindow
PeekMessageA
InvalidateRect
DefWindowProcA
RegisterClassExA
SetTimer
SetWindowLongA
EndPaint
CallWindowProcA
SetRect
FindWindowA
UnregisterClassA
InvalidateRgn
wsprintfA
GetActiveWindow
DispatchMessageA
CreateWindowExA
GetDesktopWindow
CreateDialogParamA
ShowWindow
DrawTextA
ReleaseCapture
MoveWindow
SetParent
SetCapture
GetParent
FillRect
GetWindowTextA
DestroyAcceleratorTable
RegisterWindowMessageA
PostMessageA
IsChild
GetSysColor
GetFocus
GetDlgItem
MsgWaitForMultipleObjects
DestroyWindow
SendNotifyMessageA
SendMessageTimeoutA
LoadCursorA
CharNextA
SetWindowPos

ole32

StgIsStorageFile
OleUninitialize
CoTaskMemFree
StgCreateDocfile
GetRunningObjectTable
CoSetProxyBlanket
OleInitialize
CoInitializeSecurity
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CreateStreamOnHGlobal
CoInitialize
CreateBindCtx
OleLockRunning
BindMoniker
CoUninitialize
CLSIDFromProgID
CoGetClassObject
CreateItemMoniker
CoTaskMemRealloc
StgOpenStorage
CLSIDFromString

kernel32

ReadFile
MapViewOfFile
GetLongPathNameW
DisableThreadLibraryCalls
LocalAlloc
GetProcessHandleCount
Sleep
CreateFileMappingA
GlobalAlloc
CreateFileA
GlobalFree
LocalFree
EnumResourceTypesA
UnmapViewOfFile
WriteFile
GlobalSize
GetFileAttributesA
WideCharToMultiByte
CreateFileW
SetFilePointer
GetFileSize
GetTickCount
CloseHandle

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c421afaeed0926f7654c28968c36467

Headers

File Characteristics

Imports

wininet

advapi32

setupapi

shlwapi

gdi32

shell32

user32

ole32

kernel32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 92KB