da203c496425acc159a226f5a8aed58d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

da203c496425acc159a226f5a8aed58d_JaffaCakes118
Size

185KB
MD5

da203c496425acc159a226f5a8aed58d
SHA1

aee76f0c747a71800573388610c8b225b0b8e420
SHA256

a5a9b0e8243951af9a115ab42efb14f4470ad9c83b57a4af10b0e24db05bd7e4
SHA512

7b0199f877d0988c4b3b4425a1e009de9934da9b0bdb2631a7909bea828f09595184be115fc2ccb3e36485e051ec00a6cd4407530dd311a1f4fbd8568e88b085
SSDEEP

3072:Q72dJqx0hk/SrSYiZUWAlh38y2sbWQmuybHSXJW3x98tUJ:QizqxJmSYiZUWmh38zsqQmFJ98tUJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da203c496425acc159a226f5a8aed58d_JaffaCakes118

Files

da203c496425acc159a226f5a8aed58d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

516e41d98a13fe026f0d36689df1fbf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptImportKey
CryptHashData
CryptCreateHash
RegCloseKey
RegQueryValueExA
CryptGetHashParam
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
CryptDestroyKey
CryptEncrypt
RegSetValueExA
CryptDestroyHash
RegCreateKeyExA
RegDeleteValueA
CryptReleaseContext
CryptAcquireContextA
RegDeleteKeyA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

GetLongPathNameW
CreateFileW
CreateFileA
DisableThreadLibraryCalls
LocalFree
GetTickCount
SetFilePointer
GetProcessHandleCount
Sleep
CreateFileMappingA
ReadFile
GetFileSize
GlobalFree
EnumResourceTypesA
GlobalSize
GetFileAttributesA
WriteFile
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
LocalAlloc
GlobalAlloc
CloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

SetFocus
GetWindowTextA
GetDlgItem
GetWindowLongA
EndPaint
ReleaseCapture
DefWindowProcA
LoadCursorA
SetCapture
CreateAcceleratorTableA
FillRect
RegisterWindowMessageA
RegisterClassExA
GetWindow
GetFocus
KillTimer
IsWindow
GetSysColor
CharNextA
IsChild
MsgWaitForMultipleObjects
wsprintfA
BeginPaint
GetQueueStatus
ShowWindow
SendMessageTimeoutA
EnumDisplayDevicesA
PostMessageA
GetClassInfoExA
SendNotifyMessageA
FindWindowA
InvalidateRect
EqualRect
GetWindowTextLengthA
SetRect
SetWindowTextA
SetWindowLongA
GetActiveWindow
GetClientRect
wvsprintfA
RedrawWindow
DrawTextA
UnregisterClassA
GetWindowRect
GetParent
GetDesktopWindow
DispatchMessageA
SetTimer
GetClassNameA
ReleaseDC
DestroyAcceleratorTable
PeekMessageA
CreateDialogParamA
CopyRect
CallWindowProcA
GetDC
InvalidateRgn
SendMessageA
PostThreadMessageA
MoveWindow
CreateWindowExA
SetParent
DestroyWindow
SetWindowPos

gdi32

DeleteDC
CreateCompatibleBitmap
SelectPalette
GetStockObject
SetStretchBltMode
GetDIBits
CreateFontA
BitBlt
DeleteObject
CreateCompatibleDC
ExtEscape
CreateDIBitmap
CreateDIBSection
RealizePalette
SelectObject
StretchDIBits
CreateSolidBrush
GetDeviceCaps
GetObjectA
SetBkMode

shlwapi

PathFileExistsW
PathCombineW

ole32

BindMoniker
StgOpenStorage
CreateItemMoniker
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
OleInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
StgCreateDocfile
CoTaskMemRealloc
OleUninitialize
GetRunningObjectTable
StgIsStorageFile
CoInitializeSecurity
CLSIDFromProgID
CoInitialize
CoSetProxyBlanket
CreateBindCtx
CoTaskMemAlloc
CLSIDFromString

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

516e41d98a13fe026f0d36689df1fbf7

Headers

File Characteristics

Imports

advapi32

wininet

setupapi

kernel32

shell32

user32

gdi32

shlwapi

ole32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 74KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 74KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 368KB