7472deca444f63c30d1bbab8199a8976_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7472deca444f63c30d1bbab8199a8976_JaffaCakes118
Size

169KB
MD5

7472deca444f63c30d1bbab8199a8976
SHA1

4d0358b9acfd65ed3502aa0a64013b49f3cc34e8
SHA256

fcf9b69c8878faabd92c9baa00f0c6bd412784b78e3a7e3ce9f29d49cf4a6dd3
SHA512

9c8a78830f905b768d90942b8c3b5b6dc62f925436eb31ed72c23bc1bdeb86f007579388854f5f966008db8b8883e4e2a00bacf1c06285df091f12b2aa431def
SSDEEP

3072:9oOjPtSZlU7D+FLuzFLzkBx9xE5uefNvC18CppiYTNXP/F9:9oCVSLU7KFSzFLYg5FdU8CjiYTxP/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7472deca444f63c30d1bbab8199a8976_JaffaCakes118

Files

7472deca444f63c30d1bbab8199a8976_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e271f9c52bce7cd629d5ba59360eb57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

shlwapi

PathFileExistsW
PathCombineW

kernel32

WideCharToMultiByte
GetShortPathNameW
MapViewOfFile
GlobalFree
SetFilePointer
GlobalSize
CreateFileW
GetProcessAffinityMask
LocalFree
DisableThreadLibraryCalls
GetFileSize
EnumResourceTypesW
GlobalAlloc
CreateFileMappingA
GetTickCount
UnmapViewOfFile
Sleep
GetFileAttributesA
ReadFile
CreateFileA
WriteFile
LocalAlloc
CloseHandle

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoInitializeSecurity
CreateItemMoniker
CoSetProxyBlanket
CoGetClassObject
CoUninitialize
BindMoniker
CoTaskMemAlloc
CLSIDFromProgID
StgOpenStorage
CoInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
StgIsStorageFile
StringFromGUID2
OleInitialize
GetRunningObjectTable
StgCreateDocfile
CoCreateInstance
OleLockRunning
OleUninitialize
CreateBindCtx
CLSIDFromString

gdi32

DeleteObject
SelectObject
DeleteDC
CreateCompatibleBitmap
GetDIBits
CreateSolidBrush
SelectPalette
ExtEscape
RealizePalette
CreateCompatibleDC
SetStretchBltMode
GetStockObject
StretchDIBits
CreateDIBitmap
CreateFontA
GetDeviceCaps
BitBlt
GetObjectA
CreateDIBSection
SetBkMode

user32

EqualRect
ReleaseDC
EnumDisplayDevicesA
IsWindow
wvsprintfA
GetClientRect
GetClassInfoExA
GetWindowLongA
MoveWindow
EndPaint
GetQueueStatus
BeginPaint
wsprintfA
CreateDialogParamA
SetRect
GetWindowRect
GetParent
RegisterClassExA
GetActiveWindow
CallWindowProcA
SetParent
GetSysColor
SetFocus
SendNotifyMessageA
CreateWindowExA
FindWindowA
DrawTextA
MsgWaitForMultipleObjects
IsChild
GetDesktopWindow
GetWindowTextA
SetWindowLongA
UnregisterClassA
RedrawWindow
DestroyWindow
GetWindowTextLengthA
FillRect
DestroyAcceleratorTable
KillTimer
GetDC
InvalidateRect
GetDlgItem
SetTimer
RegisterWindowMessageA
CopyRect
GetClassNameA
SendMessageTimeoutA
InvalidateRgn
GetFocus
SendMessageA
SetWindowTextA
LoadCursorA
PeekMessageA
GetWindow
PostThreadMessageA
SetCapture
CharNextA
ReleaseCapture
DispatchMessageA
DefWindowProcA
CreateAcceleratorTableA
PostMessageA
ShowWindow
SetWindowPos

advapi32

RegCreateKeyExA
CryptEncrypt
CryptImportKey
RegEnumKeyExA
CryptAcquireContextA
RegQueryValueExA
RegSetValueExA
CryptHashData
RegQueryInfoKeyA
CryptReleaseContext
CryptCreateHash
RegOpenKeyExA
CryptDestroyHash
RegDeleteValueA
RegEnumValueA
RegCloseKey
CryptGetHashParam
CryptDestroyKey
RegDeleteKeyA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipCreateBitmapFromFileICM
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneImage

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e271f9c52bce7cd629d5ba59360eb57

Headers

File Characteristics

Imports

shell32

winmm

shlwapi

kernel32

version

setupapi

ole32

gdi32

user32

advapi32

wininet

gdiplus

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 96KB