8eefebd7848fe973d645f9da11d2c240_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8eefebd7848fe973d645f9da11d2c240_JaffaCakes118
Size

181KB
MD5

8eefebd7848fe973d645f9da11d2c240
SHA1

84020c92001f2de3a29751dabf2fc9de889e9ca0
SHA256

7bb7eb16be7e218a4093f516dc8eaa75b049ddba4f9bc9e6f9a15518b38691db
SHA512

1257968a00ea05bc241ffd661366150104e55181b1b1968fff8ba1e8070beb33c613e990388b26deffcc98e5b1f8c74238a6fe74cec9a8dc2fdecb01767b1571
SSDEEP

3072:I9vDS5+y9wpUAG9FTM/1JpvwAjYYGHwo/PweJNvIgeYecEE9sP9ecdSI:av2wlURFTMjVwAjYx/PwevuU99sPoc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eefebd7848fe973d645f9da11d2c240_JaffaCakes118

Files

8eefebd7848fe973d645f9da11d2c240_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6a6dae1d6c3e7305743139a5e0a80cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchDIBits
SelectPalette
RealizePalette
GetStockObject
GetObjectA
DeleteDC
ExtEscape
BitBlt
CreateCompatibleDC
DeleteObject
CreateFontA
CreateDIBitmap
SetStretchBltMode
CreateDIBSection
GetDeviceCaps
GetDIBits
SelectObject
CreateCompatibleBitmap
CreateSolidBrush
SetBkMode

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

gdiplus

GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCloneImage

user32

RegisterClassExA
BeginPaint
EnumDisplayDevicesA
DestroyAcceleratorTable
CallWindowProcA
GetWindowRect
RegisterWindowMessageA
CopyRect
FindWindowA
PostThreadMessageA
GetDlgItem
SetFocus
GetWindow
KillTimer
DestroyWindow
GetSysColor
FillRect
wvsprintfA
InvalidateRgn
IsWindow
DrawTextA
DispatchMessageA
GetWindowLongA
CreateAcceleratorTableA
PostMessageA
MoveWindow
SetParent
GetDesktopWindow
DefWindowProcA
GetDC
SendMessageA
SetCapture
InvalidateRect
SendMessageTimeoutA
MsgWaitForMultipleObjects
GetWindowTextLengthA
GetClassNameA
EqualRect
ShowWindow
GetWindowTextA
GetActiveWindow
GetFocus
LoadCursorA
CharNextA
GetQueueStatus
GetClassInfoExA
IsChild
UnregisterClassA
SetRect
SetTimer
GetParent
SetWindowTextA
wsprintfA
SetWindowLongA
CreateDialogParamA
GetClientRect
SendNotifyMessageA
PeekMessageA
RedrawWindow
ReleaseCapture
EndPaint
ReleaseDC
CreateWindowExA
SetWindowPos

kernel32

GetShortPathNameW
GlobalAlloc
CreateFileW
DisableThreadLibraryCalls
LocalFree
GlobalSize
GetProcessAffinityMask
MapViewOfFile
WideCharToMultiByte
LocalAlloc
CreateFileA
Sleep
EnumResourceTypesA
CreateFileMappingA
GetFileAttributesA
ReadFile
UnmapViewOfFile
GetTickCount
SetFilePointer
GlobalFree
WriteFile
GetFileSize
CloseHandle

advapi32

CryptGetHashParam
RegOpenKeyExA
RegCloseKey
CryptImportKey
RegQueryInfoKeyA
RegCreateKeyExA
CryptAcquireContextA
CryptHashData
CryptCreateHash
RegQueryValueExA
CryptDestroyHash
RegEnumValueA
CryptEncrypt
RegEnumKeyExA
RegSetValueExA
CryptReleaseContext
RegDeleteValueA
CryptDestroyKey
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CoSetProxyBlanket
CreateStreamOnHGlobal
CoUninitialize
OleLockRunning
CoTaskMemFree
CreateItemMoniker
BindMoniker
CoGetClassObject
StringFromGUID2
GetRunningObjectTable
CreateBindCtx
StgOpenStorage
StgIsStorageFile
CLSIDFromProgID
OleUninitialize
CoInitialize
OleInitialize
CoTaskMemRealloc
StgCreateDocfile
CoCreateInstance
CoInitializeSecurity
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6a6dae1d6c3e7305743139a5e0a80cd

Headers

File Characteristics

Imports

gdi32

wininet

winmm

gdiplus

user32

kernel32

advapi32

shell32

ole32

shlwapi

setupapi

version

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 240KB