b355c851e4ec68f39bc0e1b0e8a20062_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b355c851e4ec68f39bc0e1b0e8a20062_JaffaCakes118
Size

167KB
MD5

b355c851e4ec68f39bc0e1b0e8a20062
SHA1

ac2f8deb3e5ebba277f60f414938cac18b80b982
SHA256

48824d43f3120c5941de2b3beca7ac4a1892c0455ed4f18b463de80df991dcb1
SHA512

039844a7f55721486d58454d987bcc910431896cb027f2b41b8b0b1d50123933fcb9412eb20a82bb3017f2587978ee8b89f62fe5b5590df329396767fdcae76c
SSDEEP

3072:w4ZF3nu4vCpgQHzFndHdLDJJUnDtx7NB2tRGeq7qCuGxPNgd:Zn3Pov5dHd/Jex7NeTq7qCueO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b355c851e4ec68f39bc0e1b0e8a20062_JaffaCakes118

Files

b355c851e4ec68f39bc0e1b0e8a20062_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f27eb3ae11c8b6f0950f9815840831a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

ole32

CLSIDFromProgID
CoSetProxyBlanket
StgCreateDocfile
OleLockRunning
GetRunningObjectTable
CoGetClassObject
CreateItemMoniker
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
OleUninitialize
StgOpenStorage
CreateStreamOnHGlobal
OleInitialize
StgIsStorageFile
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CreateBindCtx
CoInitialize
CoTaskMemRealloc
BindMoniker
CLSIDFromString

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

winmm

timeGetTime
timeSetEvent

user32

DispatchMessageA
GetWindowRect
GetFocus
PostMessageA
GetDC
GetSysColor
LoadCursorA
ReleaseCapture
UnregisterClassA
GetClientRect
DrawTextA
DestroyAcceleratorTable
ReleaseDC
SendMessageTimeoutA
SetCapture
RegisterClassExA
SendNotifyMessageA
SetTimer
MoveWindow
GetQueueStatus
wvsprintfA
MsgWaitForMultipleObjects
InvalidateRect
RegisterWindowMessageA
PeekMessageA
FindWindowA
RedrawWindow
SetWindowLongA
CreateWindowExA
DestroyWindow
BeginPaint
GetParent
EnumDisplayDevicesA
SetWindowTextA
SetParent
CopyRect
GetActiveWindow
IsWindow
CallWindowProcA
GetWindowLongA
GetWindow
GetDesktopWindow
IsChild
EqualRect
ShowWindow
GetWindowTextA
PostThreadMessageA
GetDlgItem
CreateDialogParamA
KillTimer
wsprintfA
SendMessageA
CharNextA
SetFocus
GetClassNameA
InvalidateRgn
EndPaint
GetWindowTextLengthA
GetClassInfoExA
DefWindowProcA
SetRect
CreateAcceleratorTableA
FillRect
SetWindowPos

gdi32

CreateSolidBrush
CreateDIBitmap
CreateCompatibleBitmap
GetObjectA
SelectPalette
DeleteObject
SetStretchBltMode
StretchDIBits
CreateFontA
GetDeviceCaps
BitBlt
CreateDIBSection
GetDIBits
CreateCompatibleDC
RealizePalette
DeleteDC
ExtEscape
SelectObject
GetStockObject
SetBkMode

kernel32

GetShortPathNameW
ReadFile
WideCharToMultiByte
CreateFileMappingA
GlobalAlloc
GetTickCount
DisableThreadLibraryCalls
GetProcessAffinityMask
CreateFileA
GlobalSize
SetFilePointer
WriteFile
EnumResourceTypesW
UnmapViewOfFile
LocalAlloc
GlobalFree
GetFileAttributesA
Sleep
GetFileSize
MapViewOfFile
LocalFree
CreateFileW
CloseHandle

advapi32

RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
CryptCreateHash
CryptDestroyKey
CryptEncrypt
CryptReleaseContext
CryptHashData
CryptImportKey
CryptDestroyHash
CryptGetHashParam
RegDeleteValueA
RegDeleteKeyA

gdiplus

GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

version

GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f27eb3ae11c8b6f0950f9815840831a

Headers

File Characteristics

Imports

shlwapi

setupapi

ole32

wininet

winmm

user32

gdi32

kernel32

advapi32

gdiplus

shell32

version

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 63KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 63KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 96KB