b0844f6380b759b35efe34dc13a6333b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0844f6380b759b35efe34dc13a6333b_JaffaCakes118
Size

176KB
MD5

b0844f6380b759b35efe34dc13a6333b
SHA1

4795a23aaa8519efc766ea8524814b632b8097dc
SHA256

0526825c7d19682ece4ef9763c5f774c3a95d9c6b9e9984cc3784eabe7e6f8d9
SHA512

9e9b48b22e2136aa36f20b06aa830c65f7c8e154d38c325079bbdde190f0057bc559b048a695e7bdf9fad503d589d18cc82188d94925f1f5008dc853d3532487
SSDEEP

3072:XPda+bPuQpgaK2LZDXz+kQG2oSlPtgHDIK2IK2gscn2j1cMI9rPJGc:fdBbPJpqGskQtoSAKhsE2j1cfJG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0844f6380b759b35efe34dc13a6333b_JaffaCakes118

Files

b0844f6380b759b35efe34dc13a6333b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f568383b838de5103663858f1aa6e7c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipFree
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

advapi32

RegEnumKeyExA
RegEnumValueA
CryptAcquireContextA
RegCloseKey
RegCreateKeyExA
CryptReleaseContext
RegDeleteValueA
CryptEncrypt
RegSetValueExA
CryptImportKey
RegOpenKeyExA
CryptCreateHash
CryptHashData
RegQueryInfoKeyA
RegQueryValueExA
CryptGetHashParam
CryptDestroyKey
CryptDestroyHash
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

gdi32

GetDIBits
BitBlt
CreateDIBitmap
GetStockObject
CreateCompatibleDC
SelectPalette
CreateSolidBrush
SelectObject
CreateDIBSection
DeleteObject
RealizePalette
ExtEscape
GetObjectA
GetDeviceCaps
CreateFontA
DeleteDC
StretchDIBits
CreateCompatibleBitmap
SetStretchBltMode
SetBkMode

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

GetShortPathNameW
LocalAlloc
MapViewOfFile
CreateFileW
SetFilePointer
GetProcessId
GlobalSize
UnmapViewOfFile
GlobalAlloc
GlobalFree
ReadFile
CreateFileMappingA
EnumResourceTypesA
CreateFileA
WideCharToMultiByte
GetFileAttributesA
GetTickCount
LocalFree
WriteFile
DisableThreadLibraryCalls
Sleep
GetFileSize
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

user32

GetWindowRect
MoveWindow
wsprintfA
DefWindowProcA
CallWindowProcA
IsChild
EndPaint
GetWindowTextA
InvalidateRgn
SendMessageTimeoutA
RegisterClassExA
GetClientRect
DrawTextA
SendMessageA
PostThreadMessageA
GetQueueStatus
SetTimer
PostMessageA
DispatchMessageA
GetClassNameA
FindWindowA
ReleaseCapture
GetSysColor
SetWindowTextA
UnregisterClassA
GetWindow
CharNextA
GetDC
ShowWindow
CopyRect
SetFocus
GetFocus
GetParent
PeekMessageA
EqualRect
EnumDisplayDevicesA
SetWindowLongA
FillRect
SendNotifyMessageA
GetDesktopWindow
CreateAcceleratorTableA
SetCapture
GetWindowLongA
GetActiveWindow
InvalidateRect
RedrawWindow
DestroyAcceleratorTable
DestroyWindow
LoadCursorA
SetRect
CreateDialogParamA
KillTimer
GetWindowTextLengthA
IsWindow
SetParent
ReleaseDC
wvsprintfA
GetClassInfoExA
GetDlgItem
MsgWaitForMultipleObjects
BeginPaint
RegisterWindowMessageA
CreateWindowExA
SetWindowPos

ole32

CreateItemMoniker
OleInitialize
CoTaskMemFree
StgCreateDocfile
CoTaskMemAlloc
CoInitializeSecurity
StringFromGUID2
StgOpenStorage
CoCreateInstance
CoGetClassObject
OleLockRunning
GetRunningObjectTable
OleUninitialize
BindMoniker
CoSetProxyBlanket
CoTaskMemRealloc
StgIsStorageFile
CoInitialize
CLSIDFromProgID
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
CLSIDFromString

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f568383b838de5103663858f1aa6e7c9

Headers

File Characteristics

Imports

gdiplus

wininet

advapi32

shlwapi

gdi32

version

setupapi

kernel32

shell32

winmm

user32

ole32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 88KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 88KB