72cd02bb45db99bae9063452b21e63eb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72cd02bb45db99bae9063452b21e63eb_JaffaCakes118
Size

181KB
MD5

72cd02bb45db99bae9063452b21e63eb
SHA1

24cd3ec87575f8101575cfc923684d965052ba54
SHA256

3327c35858eb8156575e04e0ba5269d68b92988fea6fe99250fdb94da3bb6c62
SHA512

3dc498125a10adb76d5d3740626a63f296848d7d30c3d267afd816c83a85e9f8d858399e74ae032cb5921eab093f94ecd6bdc4f2d24701c39a4660195f9b4a18
SSDEEP

3072:qbOgPj2rMhkyOJvuD57lHUnzmo9+6Mb3Aj7FRpUFfjGzH3uNsgX1R/6Hu:2HmMrOJvuF4moq8ZqjGrGvFR/Qu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72cd02bb45db99bae9063452b21e63eb_JaffaCakes118

Files

72cd02bb45db99bae9063452b21e63eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f8fcca695747a7633a0b72d531083b7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

user32

SetParent
wvsprintfA
ShowWindow
wsprintfA
DefWindowProcA
GetFocus
GetDesktopWindow
GetWindowTextLengthA
GetActiveWindow
RegisterWindowMessageA
SendMessageTimeoutA
IsChild
GetWindow
EqualRect
InvalidateRect
CreateAcceleratorTableA
MsgWaitForMultipleObjects
GetWindowLongA
FindWindowA
SendNotifyMessageA
BeginPaint
SetCapture
DrawTextA
RegisterClassExA
InvalidateRgn
DestroyWindow
DispatchMessageA
GetWindowRect
CreateWindowExA
FillRect
GetDC
SetRect
SendMessageA
GetClassInfoExA
DestroyAcceleratorTable
SetWindowLongA
PostMessageA
SetFocus
GetDlgItem
CopyRect
CreateDialogParamA
SetTimer
GetClientRect
CharNextA
SetWindowTextA
GetWindowTextA
EnumDisplayDevicesA
RedrawWindow
PeekMessageA
ReleaseDC
IsWindow
GetSysColor
EndPaint
LoadCursorA
KillTimer
CallWindowProcA
UnregisterClassA
PostThreadMessageA
GetQueueStatus
GetClassNameA
GetParent
MoveWindow
ReleaseCapture
SetWindowPos

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

kernel32

GetVolumeInformationW
InterlockedExchange
RaiseException
InterlockedDecrement
GetSystemTimeAsFileTime
GetCurrentThread
SetEnvironmentVariableW
GetSystemTime
GetLastError
CreateDirectoryA
OpenFileMappingA
FlushInstructionCache
SetEvent
GetShortPathNameW
Beep
GetLocaleInfoA
IsBadWritePtr
SizeofResource
GetSystemInfo
GlobalReAlloc
QueryPerformanceCounter
GetThreadLocale
GetProcessAffinityMask
GlobalUnlock
WaitForMultipleObjects
WriteFile
LocalFree
GlobalLock
lstrcpyA
GetProcAddress
HeapFree
MulDiv
FreeLibrary
ExitProcess
GlobalSize
lstrcpynA
TerminateProcess
CreateFileMappingA
LoadLibraryW
MapViewOfFile
GetThreadPriority
GetTickCount
GetCurrentThreadId
VirtualQuery
WriteProcessMemory
CreateDirectoryW
lstrcmpiA
GetModuleFileNameA
GetDriveTypeW
GetModuleHandleA
GetTempPathA
GetProcessHeap
EnterCriticalSection
EnumResourceTypesW
ResetEvent
CreateFileA
ReadFile
CreateSemaphoreA
LeaveCriticalSection
FindResourceA
LoadLibraryExA
VirtualFree
DeleteCriticalSection
IsDebuggerPresent
Sleep
GetFileAttributesW
_llseek
SetThreadPriority
GetFileAttributesA
GlobalAlloc
CloseHandle
WaitForSingleObject
DeviceIoControl
GetVersionExA
VirtualAlloc
OutputDebugStringW
GetTempPathW
lstrcmpA
GlobalFree
InitializeCriticalSection
OutputDebugStringA
CreateEventA
GetCurrentProcessId
LoadLibraryA
lstrlenA
IsDBCSLeadByte
IsBadReadPtr
HeapAlloc
GetACP
CreateThread
GetModuleFileNameW
VirtualProtect
GetCurrentProcess
MultiByteToWideChar
InterlockedIncrement
LoadResource
DeleteFileA
WideCharToMultiByte
lstrlenW

advapi32

CryptEncrypt
CryptImportKey
RegCreateKeyExA
CryptAcquireContextA
RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
CryptHashData
RegCloseKey
CryptDestroyHash
RegQueryValueExA
RegQueryInfoKeyA
CryptReleaseContext
CryptDestroyKey
CryptGetHashParam
CryptCreateHash
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA

gdi32

CreateCompatibleDC
CreateFontA
SelectPalette
DeleteObject
CreateCompatibleBitmap
DeleteDC
StretchDIBits
GetStockObject
CreateSolidBrush
CreateDIBitmap
RealizePalette
SelectObject
ExtEscape
GetDeviceCaps
GetObjectA
SetStretchBltMode
BitBlt
CreateDIBSection
GetDIBits
SetBkMode

gdiplus

GdipDisposeImage
GdipAlloc
GdipFree
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCloneImage

shlwapi

PathFileExistsW
PathCombineW

ole32

OleInitialize
CreateStreamOnHGlobal
CoGetClassObject
CoSetProxyBlanket
StgCreateDocfile
CoTaskMemAlloc
CreateBindCtx
GetRunningObjectTable
StgIsStorageFile
CreateItemMoniker
CoUninitialize
StringFromGUID2
CoInitialize
CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
OleUninitialize
StgOpenStorage
CoInitializeSecurity
OleLockRunning
BindMoniker
CLSIDFromString

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8fcca695747a7633a0b72d531083b7d

Headers

File Characteristics

Imports

version

user32

setupapi

wininet

kernel32

advapi32

gdi32

gdiplus

shlwapi

ole32

winmm

shell32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 7KB - Virtual size: 6KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 244KB