aa8e005b41d1ce272818f52f8209434d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa8e005b41d1ce272818f52f8209434d_JaffaCakes118
Size

173KB
MD5

aa8e005b41d1ce272818f52f8209434d
SHA1

8f1451f1a723019dfc4ebe2935ae014b5ef2599b
SHA256

4225864d0b47596a8137306832df9af0b7d2a376be3fb6cf1dfb23a78a4bc182
SHA512

817fda5e145550d0d773781c3be9240c35a0812135ad64656b153a014846ae637352a1e916b7ff0c1d4e3f9118ed9a4ea67737c315f639c517ba30a2c7661e62
SSDEEP

3072:9coe//A1Hz896kYy95PCMFOxImwDmExB8OtUgAfoQ60QuyZF1v3:begNIQ09hCaQIvB8IUpQh0qF1v3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa8e005b41d1ce272818f52f8209434d_JaffaCakes118

Files

aa8e005b41d1ce272818f52f8209434d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48ec3e5fa9fb77167517607dfb3daf75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

advapi32

RegSetValueExA
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
CryptHashData
RegCreateKeyExA
CryptDestroyKey
CryptAcquireContextA
CryptReleaseContext
CryptEncrypt
RegDeleteValueA
CryptImportKey
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegDeleteKeyA

winmm

timeGetTime
timeSetEvent

gdi32

DeleteObject
BitBlt
SetStretchBltMode
CreateCompatibleBitmap
GetStockObject
StretchDIBits
GetDeviceCaps
SelectObject
RealizePalette
CreateDIBSection
CreateSolidBrush
CreateFontA
CreateCompatibleDC
CreateDIBitmap
GetObjectA
DeleteDC
GetDIBits
ExtEscape
SelectPalette
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

BindMoniker
CoInitialize
CoGetClassObject
CreateItemMoniker
OleUninitialize
CoUninitialize
OleLockRunning
CoInitializeSecurity
StgIsStorageFile
CreateStreamOnHGlobal
CreateBindCtx
StringFromGUID2
CoCreateInstance
CoTaskMemFree
StgCreateDocfile
GetRunningObjectTable
CoTaskMemRealloc
CLSIDFromProgID
CoSetProxyBlanket
CoTaskMemAlloc
StgOpenStorage
OleInitialize
CLSIDFromString

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

user32

ReleaseDC
CreateWindowExA
SetWindowTextA
SendNotifyMessageA
PostThreadMessageA
InvalidateRect
UnregisterClassA
SetFocus
CreateAcceleratorTableA
EndPaint
SetCapture
wsprintfA
CopyRect
BeginPaint
EqualRect
ShowWindow
CreateDialogParamA
DefWindowProcA
GetClassNameA
GetClassInfoExA
DispatchMessageA
DestroyWindow
GetDesktopWindow
GetDC
GetParent
CallWindowProcA
GetDlgItem
EnumDisplayDevicesA
GetWindowTextLengthA
RedrawWindow
GetQueueStatus
MsgWaitForMultipleObjects
GetFocus
GetWindowTextA
IsWindow
KillTimer
SendMessageA
GetWindowRect
FillRect
GetSysColor
IsChild
RegisterWindowMessageA
RegisterClassExA
GetWindow
SetParent
GetActiveWindow
LoadCursorA
ReleaseCapture
SetRect
DestroyAcceleratorTable
SetTimer
SetWindowLongA
FindWindowA
InvalidateRgn
CharNextA
SendMessageTimeoutA
DrawTextA
GetClientRect
MoveWindow
GetWindowLongA
PeekMessageA
PostMessageA
wvsprintfA
SetWindowPos

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

GetShortPathNameW
MapViewOfFile
LocalAlloc
CreateFileA
ReadFile
UnmapViewOfFile
SetFilePointer
GetProcessAffinityMask
GlobalFree
GlobalAlloc
EnumResourceTypesA
Sleep
GetFileSize
CreateFileW
GetTickCount
GetFileAttributesA
LocalFree
CreateFileMappingA
WriteFile
GlobalSize
WideCharToMultiByte
DisableThreadLibraryCalls
CloseHandle

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA

gdiplus

GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromFile
GdipDisposeImage
GdipFree
GdipCreateBitmapFromFileICM
GdipCloneImage

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48ec3e5fa9fb77167517607dfb3daf75

Headers

File Characteristics

Imports

shlwapi

advapi32

winmm

gdi32

shell32

ole32

wininet

user32

setupapi

kernel32

version

gdiplus

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 92KB