689ad2785f3c54909c2740c7da2f9861_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

689ad2785f3c54909c2740c7da2f9861_JaffaCakes118
Size

173KB
MD5

689ad2785f3c54909c2740c7da2f9861
SHA1

14b833c6d7e00332d0458dc05a4bd64ab2d18d74
SHA256

5a9f7f61cde95226ce12edf64bc72d9e702ddef8e92f9a7b5d5fe6df2ed7d2d7
SHA512

30635f8545152af74e71a632421e7ac5b9c08af74baa7ee8ce17110242019ada17ac5f8bdf041660516c591a3ddd96e29af41b6f1ca82d060eff8ccf12dfb71f
SSDEEP

3072:ERfrhxM55Skt1FnAIm9wIno9aCcwNB9Yir3jWFU2gS:ieYQjnANno9CmYir3jCg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
689ad2785f3c54909c2740c7da2f9861_JaffaCakes118

Files

689ad2785f3c54909c2740c7da2f9861_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8f7c8adee1baeddc7d78f61d07923aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

SetFocus
SendNotifyMessageA
GetFocus
EndPaint
RegisterWindowMessageA
ReleaseDC
RedrawWindow
IsChild
SetWindowTextA
GetClassInfoExA
EqualRect
FillRect
ReleaseCapture
GetParent
GetWindowTextA
wvsprintfA
InvalidateRgn
CreateWindowExA
CreateDialogParamA
SetParent
GetActiveWindow
GetClassNameA
RegisterClassExA
DrawTextA
SendMessageA
DestroyAcceleratorTable
PeekMessageA
wsprintfA
GetSysColor
ShowWindow
PostThreadMessageA
FindWindowA
InvalidateRect
DefWindowProcA
SetWindowLongA
SendMessageTimeoutA
KillTimer
BeginPaint
GetWindowRect
GetDlgItem
IsWindow
GetClientRect
UnregisterClassA
DispatchMessageA
LoadCursorA
DestroyWindow
GetQueueStatus
SetCapture
EnumDisplayDevicesA
GetWindow
GetWindowTextLengthA
MoveWindow
GetWindowLongA
SetTimer
GetDC
CallWindowProcA
MsgWaitForMultipleObjects
PostMessageA
SetRect
CreateAcceleratorTableA
CopyRect
GetDesktopWindow
CharNextA
SetWindowPos

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA

gdi32

GetStockObject
DeleteDC
GetDIBits
CreateCompatibleBitmap
SelectPalette
StretchDIBits
GetDeviceCaps
RealizePalette
CreateDIBitmap
SelectObject
BitBlt
DeleteObject
GetObjectA
CreateCompatibleDC
CreateDIBSection
SetStretchBltMode
CreateSolidBrush
ExtEscape
CreateFontA
SetBkMode

ole32

OleInitialize
CoCreateInstance
OleLockRunning
CoSetProxyBlanket
StgCreateDocfile
CoTaskMemRealloc
CoInitialize
CreateBindCtx
CoGetClassObject
StgOpenStorage
CreateItemMoniker
CoTaskMemFree
OleUninitialize
BindMoniker
CoInitializeSecurity
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemAlloc
GetRunningObjectTable
CoUninitialize
CLSIDFromProgID
StgIsStorageFile
CLSIDFromString

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

gdiplus

GdipCreateBitmapFromFile
GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage

kernel32

GetShortPathNameW
CreateFileW
GlobalSize
UnmapViewOfFile
MapViewOfFile
DisableThreadLibraryCalls
CreateFileMappingA
WriteFile
GetProcessId
GlobalFree
CreateFileA
EnumResourceTypesA
SetFilePointer
LocalFree
ReadFile
GetTickCount
GetFileAttributesA
WideCharToMultiByte
LocalAlloc
GlobalAlloc
GetFileSize
Sleep
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

advapi32

CryptDestroyKey
CryptGetHashParam
CryptImportKey
CryptEncrypt
RegQueryInfoKeyA
RegQueryValueExA
CryptReleaseContext
CryptDestroyHash
RegEnumKeyExA
RegCloseKey
CryptCreateHash
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
CryptHashData
CryptAcquireContextA
RegDeleteValueA
RegDeleteKeyA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8f7c8adee1baeddc7d78f61d07923aa

Headers

File Characteristics

Imports

shell32

user32

version

gdi32

ole32

setupapi

gdiplus

kernel32

shlwapi

advapi32

wininet

winmm

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 69KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 69KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 88KB