898fb5d1275ad3639ca9d486ab006902_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

898fb5d1275ad3639ca9d486ab006902_JaffaCakes118
Size

176KB
MD5

898fb5d1275ad3639ca9d486ab006902
SHA1

028ac1c04a2e5f65e997d28979528ff94f816c0f
SHA256

929ec94a91994ffb2b3c85f16737267e4a43162636da856fa892639802f1da55
SHA512

6e7b0edfea5074eb032682757a076414325c0408faef70b6d09fb278e534e3ce5217d31a1d29c65fb09745125427fec2ba4d8ca582df85bbfdc62638c28f20bf
SSDEEP

3072:92B9iUaa5rP6vNQUdVyBluxmneDVwNrZfaSwjYOGxKK:s9N5G+UTyBlsDVwsCUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
898fb5d1275ad3639ca9d486ab006902_JaffaCakes118

Files

898fb5d1275ad3639ca9d486ab006902_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5aedafd28bf8bfb22f316982dbbe792

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
GetClassNameA
GetParent
GetClassInfoExA
GetDesktopWindow
CopyRect
SetWindowLongA
CreateDialogParamA
MsgWaitForMultipleObjects
GetQueueStatus
CharNextA
PostThreadMessageA
GetWindowTextLengthA
RegisterWindowMessageA
EndPaint
GetWindow
CallWindowProcA
SetWindowTextA
GetFocus
InvalidateRgn
DestroyAcceleratorTable
SetParent
DispatchMessageA
SetTimer
GetSysColor
LoadCursorA
GetWindowTextA
GetDC
ReleaseDC
wsprintfA
FindWindowA
KillTimer
ReleaseCapture
wvsprintfA
IsWindow
GetWindowRect
SendMessageTimeoutA
CreateWindowExA
SetCapture
BeginPaint
RedrawWindow
EqualRect
CreateAcceleratorTableA
MoveWindow
PeekMessageA
DestroyWindow
RegisterClassExA
GetDlgItem
DefWindowProcA
SetFocus
IsChild
GetClientRect
PostMessageA
SetRect
GetActiveWindow
SendMessageA
GetWindowLongA
EnumDisplayDevicesA
UnregisterClassA
InvalidateRect
DrawTextA
SendNotifyMessageA
FillRect
SetWindowPos

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

CryptGetHashParam
CryptDestroyKey
CryptDestroyHash
CryptEncrypt
RegQueryValueExA
RegEnumValueA
CryptHashData
CryptCreateHash
RegCreateKeyExA
RegDeleteValueA
CryptAcquireContextA
CryptReleaseContext
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
CryptImportKey
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdiplus

GdipFree
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

kernel32

GetShortPathNameW
DisableThreadLibraryCalls
LocalAlloc
SetFilePointer
Sleep
GetTickCount
GetProcessAffinityMask
MapViewOfFile
CreateFileW
UnmapViewOfFile
CreateFileA
WideCharToMultiByte
WriteFile
EnumResourceTypesA
GetFileAttributesA
CreateFileMappingA
GetFileSize
GlobalFree
LocalFree
GlobalAlloc
GlobalSize
ReadFile
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

ole32

CoCreateInstance
CLSIDFromProgID
StgOpenStorage
CoTaskMemFree
OleInitialize
OleUninitialize
GetRunningObjectTable
OleLockRunning
CoTaskMemRealloc
CoSetProxyBlanket
CreateBindCtx
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemAlloc
CoGetClassObject
CreateItemMoniker
CoUninitialize
StgCreateDocfile
BindMoniker
CoInitializeSecurity
CoInitialize
StgIsStorageFile
CLSIDFromString

gdi32

CreateSolidBrush
GetDeviceCaps
GetStockObject
DeleteObject
CreateFontA
CreateDIBitmap
CreateCompatibleDC
GetObjectA
SelectObject
GetDIBits
SetStretchBltMode
CreateDIBSection
RealizePalette
ExtEscape
CreateCompatibleBitmap
StretchDIBits
SelectPalette
BitBlt
DeleteDC
SetBkMode

winmm

timeGetTime
timeSetEvent

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
VerQueryValueA

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5aedafd28bf8bfb22f316982dbbe792

Headers

File Characteristics

Imports

user32

wininet

shell32

advapi32

setupapi

gdiplus

kernel32

shlwapi

ole32

gdi32

winmm

version

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 92KB