bf247e8ef97d5e42726368792d7f2cf4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf247e8ef97d5e42726368792d7f2cf4_JaffaCakes118
Size

186KB
MD5

bf247e8ef97d5e42726368792d7f2cf4
SHA1

55c254ee5ccedadce355eab4320dda895ae3c962
SHA256

d92f111cc005a5309bf66306edf5af7c0da9a17eea71255a68203c462b2af1a4
SHA512

d5f929731344bb87bc998f2b8362eafcf8fe9eb4e5e3cf4be67ece0997e2333cb3105123ec219f569d2cdcfb9dfe0e7a4422a3b7a344df582d03de063cb2a766
SSDEEP

3072:AjQdMkXCWwiBSk1l05FhmshBcdEDHDGFZOStO/OUiTiCwwq34Kh0O+nlEhVJ:AStXCJClqFEOgHflO/OUMjwwqIKqzlEF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf247e8ef97d5e42726368792d7f2cf4_JaffaCakes118

Files

bf247e8ef97d5e42726368792d7f2cf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b7f83a7b3e8d42bb65294db7895a683

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wvsprintfA
DestroyWindow
GetDC
MoveWindow
IsWindow
KillTimer
GetClientRect
RegisterWindowMessageA
SendNotifyMessageA
SetCapture
SetTimer
GetClassNameA
EqualRect
LoadCursorA
CreateAcceleratorTableA
GetWindowTextLengthA
DefWindowProcA
UnregisterClassA
CreateWindowExA
GetWindowRect
GetDlgItem
InvalidateRect
GetSysColor
IsChild
GetFocus
GetActiveWindow
PeekMessageA
MsgWaitForMultipleObjects
GetWindow
CharNextA
wsprintfA
ReleaseCapture
RegisterClassExA
EndPaint
EnumDisplayDevicesA
DrawTextA
CopyRect
DispatchMessageA
GetWindowLongA
SendMessageTimeoutA
RedrawWindow
ShowWindow
PostMessageA
GetDesktopWindow
FindWindowA
BeginPaint
GetWindowTextA
GetParent
CreateDialogParamA
PostThreadMessageA
DestroyAcceleratorTable
SetWindowTextA
InvalidateRgn
GetQueueStatus
FillRect
GetClassInfoExA
SetWindowLongA
SendMessageA
CallWindowProcA
SetParent
ReleaseDC
SetFocus
SetRect
SetWindowPos

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

advapi32

RegEnumValueA
RegSetValueExA
CryptEncrypt
CryptImportKey
CryptDestroyHash
RegQueryValueExA
CryptAcquireContextA
RegQueryInfoKeyA
CryptDestroyKey
CryptCreateHash
RegOpenKeyExA
CryptReleaseContext
CryptGetHashParam
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyExA
CryptHashData
RegCloseKey
RegDeleteKeyA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdi32

DeleteDC
StretchDIBits
CreateDIBSection
DeleteObject
CreateDIBitmap
CreateCompatibleBitmap
CreateSolidBrush
GetDIBits
CreateCompatibleDC
RealizePalette
SelectPalette
SelectObject
GetStockObject
GetObjectA
ExtEscape
GetDeviceCaps
SetStretchBltMode
CreateFontA
BitBlt
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

StgIsStorageFile
CoGetClassObject
BindMoniker
StringFromGUID2
CLSIDFromProgID
CreateItemMoniker
OleLockRunning
CoTaskMemRealloc
StgOpenStorage
OleUninitialize
CreateBindCtx
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
OleInitialize
StgCreateDocfile
CreateStreamOnHGlobal
GetRunningObjectTable
CoInitializeSecurity
CoUninitialize
CoTaskMemAlloc
CoInitialize
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipCloneImage

winmm

timeGetTime
timeSetEvent

kernel32

LocalAlloc
DisableThreadLibraryCalls
GetShortPathNameW
WriteFile
GlobalAlloc
GlobalSize
GetProcessId
CreateFileMappingA
WideCharToMultiByte
Sleep
EnumResourceTypesA
UnmapViewOfFile
GetTickCount
CreateFileW
GlobalFree
SetFilePointer
GetFileAttributesA
ReadFile
GetFileSize
LocalFree
CreateFileA
MapViewOfFile
CloseHandle

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b7f83a7b3e8d42bb65294db7895a683

Headers

File Characteristics

Imports

user32

wininet

advapi32

setupapi

gdi32

shell32

ole32

shlwapi

gdiplus

winmm

kernel32

version

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 77KB - Virtual size: 77KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 77KB - Virtual size: 77KB

.tls
Size: 1024B - Virtual size: 236KB