d12e74194befc99967a5300955e6dfe6JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d12e74194befc99967a5300955e6dfe6JaffaCakes118
Size

186KB
MD5

d12e74194befc99967a5300955e6dfe6
SHA1

3ac9b37c9d53874d3130655f2b881a5521f63658
SHA256

365cd9fd19adcdc89425e3fdedeb6c1260e78d4d3dbeb16025a919106ebfaeb5
SHA512

cafb65cf43dcd2dade2347e302a327dab905193686154b8fae4918d0e2ea0cded97efbbfc1dd194585d06311541e397b3cf6538555d94b0a6bf5e1968274242e
SSDEEP

3072:w3k1sspvYnrI9HOV4V+Rv9q4EIGaChCwxG7aZEhi8B93WekeUaBqWNvPloAd42:Ok1s6vYCw4URZ9Ga6kayhnb2a0W7/d4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d12e74194befc99967a5300955e6dfe6JaffaCakes118

Files

d12e74194befc99967a5300955e6dfe6JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc379ba0e4eef516dccd1c961f57f92d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

gdi32

BitBlt
RealizePalette
GetObjectA
GetDIBits
CreateCompatibleDC
StretchDIBits
SelectPalette
DeleteDC
CreateFontA
DeleteObject
SetStretchBltMode
SelectObject
ExtEscape
CreateCompatibleBitmap
GetStockObject
CreateDIBSection
CreateSolidBrush
CreateDIBitmap
GetDeviceCaps
SetBkMode

kernel32

UnmapViewOfFile
GetShortPathNameW
CreateFileMappingA
LocalFree
CreateFileW
GetProcessId
SetFilePointer
ReadFile
GlobalAlloc
GetTickCount
EnumResourceTypesA
GlobalFree
LocalAlloc
CreateFileA
GetFileSize
GlobalSize
GetFileAttributesA
DisableThreadLibraryCalls
Sleep
MapViewOfFile
WideCharToMultiByte
WriteFile
CloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

ole32

StgOpenStorage
CreateStreamOnHGlobal
CreateItemMoniker
CLSIDFromProgID
GetRunningObjectTable
StgCreateDocfile
StringFromGUID2
StgIsStorageFile
CreateBindCtx
OleInitialize
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoSetProxyBlanket
CoTaskMemRealloc
CoUninitialize
CoTaskMemFree
CoGetClassObject
CoInitializeSecurity
BindMoniker
OleLockRunning
OleUninitialize
CLSIDFromString

winmm

timeGetTime
timeSetEvent

advapi32

RegQueryInfoKeyA
CryptGetHashParam
RegEnumKeyExA
CryptDestroyKey
CryptReleaseContext
CryptImportKey
CryptDestroyHash
RegOpenKeyExA
RegQueryValueExA
CryptEncrypt
RegCreateKeyExA
CryptHashData
RegSetValueExA
CryptCreateHash
CryptAcquireContextA
RegDeleteValueA
RegEnumValueA
RegCloseKey
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipCloneImage

user32

GetClassNameA
DispatchMessageA
GetWindowRect
DrawTextA
CreateWindowExA
SetFocus
FindWindowA
CreateAcceleratorTableA
EnumDisplayDevicesA
RegisterClassExA
GetDlgItem
GetWindowTextA
InvalidateRgn
SendMessageTimeoutA
GetDC
GetClientRect
InvalidateRect
GetWindow
SetWindowTextA
SetCapture
CopyRect
GetWindowTextLengthA
GetFocus
CharNextA
GetDesktopWindow
GetParent
DefWindowProcA
GetSysColor
RegisterWindowMessageA
KillTimer
CallWindowProcA
ShowWindow
SetRect
SendNotifyMessageA
FillRect
PostMessageA
EndPaint
DestroyAcceleratorTable
GetQueueStatus
IsWindow
SetTimer
IsChild
PostThreadMessageA
RedrawWindow
SetParent
UnregisterClassA
ReleaseCapture
wvsprintfA
SetWindowLongA
DestroyWindow
BeginPaint
wsprintfA
GetActiveWindow
ReleaseDC
GetClassInfoExA
LoadCursorA
PeekMessageA
CreateDialogParamA
SendMessageA
MsgWaitForMultipleObjects
GetWindowLongA
MoveWindow
EqualRect
SetWindowPos

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc379ba0e4eef516dccd1c961f57f92d

Headers

File Characteristics

Imports

shell32

wininet

gdi32

kernel32

setupapi

version

ole32

winmm

advapi32

shlwapi

gdiplus

user32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 78KB - Virtual size: 78KB

.tls Size: 1024B - Virtual size: 236KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 78KB - Virtual size: 78KB

.tls
Size: 1024B - Virtual size: 236KB