c79f84ba8a9e53d5624a10d348e23ce1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c79f84ba8a9e53d5624a10d348e23ce1_JaffaCakes118
Size

169KB
MD5

c79f84ba8a9e53d5624a10d348e23ce1
SHA1

4ec4efc7e213bc916bc309fbc44697858b616dfd
SHA256

59a7362a33b999e5e092c5eaba1ab5168b1b497d04e9829c4b461c834c8a7990
SHA512

de912d88867ae9830bdbe2469fe0c2a42b8df0a02b48c656875921749d50038939728f391316c12939661309f55c283aac82ce776375bdcd6045d00ed9e3addf
SSDEEP

3072:SGZd1aGjZtZy7NqjqeGbiGO7ptwxGGpydB3HmQps3e4xWSWhO8L4uAX26/:Pd1aG1fmeG2lp0pyjmP1xWSva4dp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c79f84ba8a9e53d5624a10d348e23ce1_JaffaCakes118

Files

c79f84ba8a9e53d5624a10d348e23ce1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3016dc02c482cd6ba01e87190d192257

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoSetProxyBlanket
StgCreateDocfile
OleInitialize
OleUninitialize
CoTaskMemRealloc
OleLockRunning
GetRunningObjectTable
StgOpenStorage
StgIsStorageFile
CoTaskMemAlloc
CoInitializeSecurity
CoGetClassObject
BindMoniker
CreateBindCtx
CoCreateInstance
CoUninitialize
CoTaskMemFree
CLSIDFromProgID
CreateItemMoniker
CLSIDFromString

user32

SetParent
CharNextA
PeekMessageA
SetWindowTextA
GetDC
PostThreadMessageA
GetQueueStatus
SendMessageA
DispatchMessageA
InvalidateRect
LoadCursorA
GetDesktopWindow
GetDlgItem
CreateWindowExA
SendMessageTimeoutA
MsgWaitForMultipleObjects
CopyRect
SetWindowLongA
DestroyWindow
GetWindowTextLengthA
CallWindowProcA
IsChild
RegisterClassExA
GetWindowRect
GetClassNameA
wvsprintfA
wsprintfA
MoveWindow
SetFocus
DrawTextA
SetTimer
IsWindow
GetWindow
PostMessageA
CreateAcceleratorTableA
KillTimer
SendNotifyMessageA
GetClassInfoExA
GetFocus
BeginPaint
GetParent
GetWindowLongA
ShowWindow
UnregisterClassA
InvalidateRgn
RegisterWindowMessageA
DefWindowProcA
CreateDialogParamA
GetSysColor
FillRect
GetWindowTextA
SetCapture
ReleaseDC
EndPaint
EnumDisplayDevicesA
GetClientRect
SetRect
RedrawWindow
EqualRect
DestroyAcceleratorTable
GetActiveWindow
FindWindowA
ReleaseCapture
SetWindowPos

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

gdi32

CreateFontA
BitBlt
CreateDIBitmap
SelectPalette
ExtEscape
CreateDIBSection
CreateCompatibleDC
GetDIBits
DeleteDC
GetObjectA
RealizePalette
GetDeviceCaps
SetStretchBltMode
DeleteObject
GetStockObject
StretchDIBits
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
SetBkMode

kernel32

GetShortPathNameW
SetFilePointer
LocalFree
CreateFileA
UnmapViewOfFile
LocalAlloc
CreateFileW
GetProcessAffinityMask
WideCharToMultiByte
GlobalSize
MapViewOfFile
WriteFile
EnumResourceTypesW
DisableThreadLibraryCalls
GetTickCount
GetFileAttributesA
GlobalFree
ReadFile
GetFileSize
CreateFileMappingA
Sleep
GlobalAlloc
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

shlwapi

PathFileExistsW
PathCombineW

advapi32

RegSetValueExA
CryptImportKey
CryptEncrypt
RegDeleteValueA
RegCreateKeyExA
CryptDestroyKey
RegEnumValueA
CryptAcquireContextA
CryptDestroyHash
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
CryptGetHashParam
RegQueryValueExA
CryptCreateHash
CryptReleaseContext
CryptHashData
RegDeleteKeyA

gdiplus

GdipCreateBitmapFromFileICM
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

winmm

timeGetTime
timeSetEvent

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3016dc02c482cd6ba01e87190d192257

Headers

File Characteristics

Imports

ole32

user32

version

wininet

gdi32

kernel32

shell32

shlwapi

advapi32

gdiplus

winmm

setupapi

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 96KB