ad239c6f3fe0375582a95e2c51f9bb43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad239c6f3fe0375582a95e2c51f9bb43_JaffaCakes118
Size

177KB
MD5

ad239c6f3fe0375582a95e2c51f9bb43
SHA1

c136a46898ac912cab01fbb85e5a1280fefb88fb
SHA256

7b7966c80a9dcda06feec4f6715d2fd17b4edb0a6a3cd09b75fe71f52f654bba
SHA512

f3a65cf2a0d939c03a553a8d1242ba1e8fe93c504a2199fe08cdd1b18e659f30c28bb438df519f955fce8aea31bbd63fb1c09fed30f377e4c726beb320898fb6
SSDEEP

3072:ltXe0v7oFE7a/HnOs/fttLHGBs5+HdUFxGgJz80ePzYezHdmAovQ/G8IfFFuK7:lNv7oFcS3mq5+H2780erHh0Nf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad239c6f3fe0375582a95e2c51f9bb43_JaffaCakes118

Files

ad239c6f3fe0375582a95e2c51f9bb43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42175e619299b06ff6f4e7b0854cf011

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

ole32

CoUninitialize
CLSIDFromProgID
CoCreateInstance
CoTaskMemRealloc
StgOpenStorage
StgIsStorageFile
OleInitialize
OleLockRunning
StringFromGUID2
BindMoniker
CoTaskMemFree
GetRunningObjectTable
CreateStreamOnHGlobal
CoInitialize
OleUninitialize
CoInitializeSecurity
StgCreateDocfile
CoGetClassObject
CoTaskMemAlloc
CoSetProxyBlanket
CreateItemMoniker
CreateBindCtx
CLSIDFromString

kernel32

GetShortPathNameW
DisableThreadLibraryCalls
GetFileSize
SetFilePointer
ReadFile
GetProcessAffinityMask
CreateFileW
WriteFile
GlobalSize
MapViewOfFile
CreateFileA
GlobalAlloc
EnumResourceTypesA
WideCharToMultiByte
GetTickCount
CreateFileMappingA
UnmapViewOfFile
GetFileAttributesA
GlobalFree
LocalFree
Sleep
LocalAlloc
CloseHandle

winmm

timeGetTime
timeSetEvent

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

gdi32

BitBlt
RealizePalette
GetDeviceCaps
GetStockObject
CreateFontA
DeleteObject
CreateCompatibleDC
SelectPalette
CreateDIBSection
SelectObject
CreateSolidBrush
ExtEscape
GetObjectA
CreateCompatibleBitmap
SetStretchBltMode
DeleteDC
CreateDIBitmap
GetDIBits
StretchDIBits
SetBkMode

gdiplus

GdipAlloc
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage

advapi32

CryptImportKey
RegCreateKeyExA
CryptReleaseContext
RegOpenKeyExA
CryptCreateHash
CryptHashData
RegQueryInfoKeyA
CryptDestroyHash
CryptAcquireContextA
CryptDestroyKey
RegEnumValueA
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegCloseKey
CryptEncrypt
RegQueryValueExA
CryptGetHashParam
RegDeleteKeyA

user32

MsgWaitForMultipleObjects
CreateWindowExA
GetWindowLongA
SetParent
FindWindowA
GetWindowRect
InvalidateRect
SendNotifyMessageA
SetCapture
SetRect
RegisterWindowMessageA
GetQueueStatus
IsChild
SetWindowLongA
EqualRect
GetDesktopWindow
CharNextA
EnumDisplayDevicesA
GetDlgItem
FillRect
GetSysColor
ReleaseDC
DestroyAcceleratorTable
LoadCursorA
GetActiveWindow
SendMessageA
BeginPaint
CreateDialogParamA
DestroyWindow
DispatchMessageA
PeekMessageA
ReleaseCapture
RedrawWindow
SetTimer
IsWindow
CopyRect
CreateAcceleratorTableA
SetWindowTextA
PostThreadMessageA
PostMessageA
GetWindowTextA
UnregisterClassA
GetDC
GetClassNameA
DefWindowProcA
SetFocus
MoveWindow
ShowWindow
GetClassInfoExA
InvalidateRgn
DrawTextA
GetFocus
KillTimer
GetWindow
SendMessageTimeoutA
wvsprintfA
GetWindowTextLengthA
EndPaint
wsprintfA
RegisterClassExA
CallWindowProcA
GetParent
GetClientRect
SetWindowPos

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42175e619299b06ff6f4e7b0854cf011

Headers

File Characteristics

Imports

shlwapi

ole32

kernel32

winmm

wininet

gdi32

gdiplus

advapi32

user32

setupapi

version

shell32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 88KB