bf57d207ad9dfdf581090fa9f63a55bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bf57d207ad9dfdf581090fa9f63a55bc_JaffaCakes118
Size

176KB
MD5

bf57d207ad9dfdf581090fa9f63a55bc
SHA1

0440fa623863561004e9179169811e5ba4a45e35
SHA256

fbe3ad48cbc3d6e6b96fd0ec2f968cf29428bc4d4528bd42787a91300fb874bf
SHA512

bc1c912761f0175f56f04be3361bb90b64af2d49a2a1092b1db489803d47a08a6c0d9bf59ecc7f05fe9c219fe465db0673d34c8be07803c6e9e316c2d8e4f46f
SSDEEP

3072:QbGijebZB1K8ifsHDBDYHA7Wr5zx9WuF58As8bZMx3T1z/oHavmp8l7WsO9MM/Zq:z9JifalNCr7FOz8bZMxhz/ogL4XOYwj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf57d207ad9dfdf581090fa9f63a55bc_JaffaCakes118

Files

bf57d207ad9dfdf581090fa9f63a55bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74412b592432e664d1e6fcdd9ab8fdce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
GetRunningObjectTable
CoGetClassObject
CoTaskMemFree
CreateStreamOnHGlobal
OleUninitialize
CreateItemMoniker
StgOpenStorage
CoInitialize
CoTaskMemAlloc
CoInitializeSecurity
CoUninitialize
BindMoniker
CoTaskMemRealloc
CLSIDFromProgID
CoSetProxyBlanket
CoCreateInstance
StgIsStorageFile
CreateBindCtx
StringFromGUID2
OleLockRunning
OleInitialize
CLSIDFromString

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
VerQueryValueA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

advapi32

RegOpenKeyExA
CryptHashData
CryptGetHashParam
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
CryptImportKey
RegCreateKeyExA
RegCloseKey
CryptDestroyKey
CryptEncrypt
RegQueryValueExA
CryptReleaseContext
CryptCreateHash
RegSetValueExA
CryptAcquireContextA
RegEnumValueA
CryptDestroyHash
RegDeleteKeyA

gdi32

SetStretchBltMode
GetDIBits
CreateDIBitmap
BitBlt
StretchDIBits
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
SelectPalette
RealizePalette
GetObjectA
GetStockObject
DeleteObject
CreateDIBSection
ExtEscape
CreateFontA
CreateSolidBrush
SelectObject
SetBkMode

user32

GetWindowRect
PostThreadMessageA
CallWindowProcA
SendMessageTimeoutA
CreateDialogParamA
SetFocus
IsWindow
GetWindow
GetDC
PostMessageA
DefWindowProcA
SetTimer
SetWindowTextA
SendNotifyMessageA
SendMessageA
LoadCursorA
FillRect
MsgWaitForMultipleObjects
GetClassInfoExA
wsprintfA
UnregisterClassA
FindWindowA
InvalidateRect
CopyRect
RegisterClassExA
GetDlgItem
SetParent
DestroyWindow
SetWindowLongA
GetQueueStatus
GetClassNameA
CreateWindowExA
CreateAcceleratorTableA
SetCapture
ReleaseDC
wvsprintfA
SetRect
RegisterWindowMessageA
CharNextA
InvalidateRgn
RedrawWindow
KillTimer
IsChild
GetWindowTextA
MoveWindow
DispatchMessageA
BeginPaint
GetSysColor
EqualRect
ShowWindow
DrawTextA
ReleaseCapture
EndPaint
GetClientRect
GetParent
GetDesktopWindow
GetActiveWindow
PeekMessageA
GetFocus
EnumDisplayDevicesA
DestroyAcceleratorTable
GetWindowLongA
GetWindowTextLengthA
SetWindowPos

kernel32

Sleep
GetShortPathNameW
CreateFileW
LocalFree
GlobalFree
SetFilePointer
CreateFileMappingA
GetProcessId
GetTickCount
ReadFile
EnumResourceTypesA
GlobalAlloc
WriteFile
LocalAlloc
UnmapViewOfFile
GetFileSize
GetFileAttributesA
CreateFileA
MapViewOfFile
DisableThreadLibraryCalls
GlobalSize
WideCharToMultiByte
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipFree
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipAlloc
GdipCloneImage

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74412b592432e664d1e6fcdd9ab8fdce

Headers

File Characteristics

Imports

ole32

setupapi

version

wininet

shell32

winmm

advapi32

gdi32

user32

kernel32

shlwapi

gdiplus

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 69KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 69KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 92KB