b1b3999730d8086cb5d14b3947bf9455_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1b3999730d8086cb5d14b3947bf9455_JaffaCakes118
Size

182KB
MD5

b1b3999730d8086cb5d14b3947bf9455
SHA1

8e0d4a8de8b43662818dee3eeb7b0ee0bcdea5ad
SHA256

ed16375e48b63d641e2055d70338ee9069c9447c066b58a2876bffd241d5efef
SHA512

1defcbb05055d4e9f414d510ef1370c82ed88015ee88a6ecea6da1a7686fa6fe7fb8da08302974731178c5797f466392ec0a1353d03ef8450a459cc2aece5f29
SSDEEP

3072:H1pDlekDBGgdaL8CNesX3ug90dwDkRd1nEc+7onWx50YRO:/l9GUzkpX+PRb/AonWzR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1b3999730d8086cb5d14b3947bf9455_JaffaCakes118

Files

b1b3999730d8086cb5d14b3947bf9455_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ba2181b9008e6747357b7f97ac6216b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA

winmm

timeGetTime
timeSetEvent

shlwapi

PathFileExistsW
PathCombineW

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

gdi32

CreateDIBitmap
GetObjectA
ExtEscape
DeleteObject
RealizePalette
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
SelectObject
SetStretchBltMode
SelectPalette
CreateFontA
DeleteDC
GetDIBits
GetStockObject
GetDeviceCaps
CreateSolidBrush
BitBlt
StretchDIBits
SetBkMode

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

ole32

CoTaskMemAlloc
CoInitializeSecurity
CoGetClassObject
CoTaskMemRealloc
CreateStreamOnHGlobal
StgCreateDocfile
CoInitialize
CoSetProxyBlanket
CreateItemMoniker
BindMoniker
StgIsStorageFile
CoTaskMemFree
CoCreateInstance
CLSIDFromProgID
OleUninitialize
StgOpenStorage
StringFromGUID2
CreateBindCtx
OleInitialize
OleLockRunning
GetRunningObjectTable
CoUninitialize
CLSIDFromString

gdiplus

GdipCreateBitmapFromFile
GdipFree
GdipDisposeImage
GdipAlloc
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipCloneImage

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

advapi32

CryptImportKey
RegQueryInfoKeyA
CryptAcquireContextA
CryptEncrypt
RegCloseKey
CryptReleaseContext
CryptDestroyKey
RegOpenKeyExA
CryptDestroyHash
RegSetValueExA
RegEnumValueA
RegQueryValueExA
CryptCreateHash
CryptGetHashParam
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
CryptHashData
RegDeleteKeyA

kernel32

CreateFileA
GetLongPathNameW
GlobalAlloc
DisableThreadLibraryCalls
GetFileSize
SetFilePointer
GetProcessId
CreateFileMappingA
UnmapViewOfFile
CreateFileW
WideCharToMultiByte
LocalAlloc
EnumResourceTypesA
ReadFile
GetFileAttributesA
LocalFree
GlobalSize
MapViewOfFile
GetTickCount
Sleep
WriteFile
GlobalFree
CloseHandle

user32

IsWindow
wvsprintfA
MsgWaitForMultipleObjects
SetTimer
RegisterWindowMessageA
GetWindowTextA
UnregisterClassA
SetWindowTextA
GetSysColor
CopyRect
GetParent
DefWindowProcA
PostThreadMessageA
GetClientRect
DestroyWindow
EqualRect
CallWindowProcA
GetWindow
SetFocus
PostMessageA
GetActiveWindow
ShowWindow
GetWindowRect
InvalidateRgn
SetRect
SetParent
FillRect
ReleaseDC
wsprintfA
LoadCursorA
SendMessageTimeoutA
KillTimer
EndPaint
SetCapture
GetDC
IsChild
GetFocus
GetClassNameA
CreateWindowExA
RedrawWindow
GetClassInfoExA
SetWindowLongA
DestroyAcceleratorTable
EnumDisplayDevicesA
SendMessageA
MoveWindow
CreateDialogParamA
FindWindowA
GetQueueStatus
GetWindowTextLengthA
GetDesktopWindow
GetDlgItem
GetWindowLongA
SendNotifyMessageA
BeginPaint
ReleaseCapture
DispatchMessageA
InvalidateRect
CreateAcceleratorTableA
PeekMessageA
CharNextA
RegisterClassExA
DrawTextA
SetWindowPos

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ba2181b9008e6747357b7f97ac6216b

Headers

File Characteristics

Imports

version

winmm

shlwapi

shell32

gdi32

setupapi

ole32

gdiplus

wininet

advapi32

kernel32

user32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 70KB - Virtual size: 70KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 70KB - Virtual size: 70KB

.tls
Size: 1024B - Virtual size: 240KB