da83589fc70e83de8f830bb93536b24e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da83589fc70e83de8f830bb93536b24e_JaffaCakes118
Size

178KB
MD5

da83589fc70e83de8f830bb93536b24e
SHA1

f07459d2b83e45397d163df8e568231bc35e8de2
SHA256

57bf642e172a126b3f6b6449e7be47205b3fde61b67190859be871d618aa973e
SHA512

2a748cf608cbf3e0694dfd10b864860e297c129abed80234483ea3d4ba7ccd1088232779c5331464ae4b285ecf560d3d1187c39545641faac03eef4e6af6b500
SSDEEP

3072:GFRE6w6LDX51bCx1PyLK9tk9wgmGgCJ9AvPkpWSp1YpyW5zek0/dd0:GCCXj+xaK9LAJ9+Pkp1gl70/dd0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da83589fc70e83de8f830bb93536b24e_JaffaCakes118

Files

da83589fc70e83de8f830bb93536b24e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ee181e6a4fc60c62229869bb1f6ab23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
GetDIBits
SetStretchBltMode
CreateDIBitmap
GetStockObject
SelectObject
RealizePalette
DeleteObject
DeleteDC
SelectPalette
ExtEscape
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
CreateFontA
CreateCompatibleDC
CreateDIBSection
StretchDIBits
GetObjectA
SetBkMode

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoA
VerQueryValueA

ole32

StgOpenStorage
GetRunningObjectTable
CoTaskMemFree
CreateItemMoniker
CreateStreamOnHGlobal
CoInitialize
CoTaskMemAlloc
StgIsStorageFile
OleUninitialize
CoGetClassObject
CoSetProxyBlanket
CoInitializeSecurity
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
OleLockRunning
OleInitialize
CreateBindCtx
BindMoniker
StgCreateDocfile
CLSIDFromProgID
CoUninitialize
CLSIDFromString

advapi32

CryptAcquireContextA
CryptImportKey
CryptDestroyKey
RegCreateKeyExA
CryptCreateHash
CryptReleaseContext
RegEnumValueA
CryptDestroyHash
CryptGetHashParam
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
CryptEncrypt
RegQueryValueExA
CryptHashData
RegDeleteValueA
RegCloseKey
RegQueryInfoKeyA
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

GetActiveWindow
EqualRect
EnumDisplayDevicesA
FindWindowA
SetWindowTextA
SetTimer
SetParent
EndPaint
FillRect
DrawTextA
IsChild
CallWindowProcA
wvsprintfA
GetWindowTextA
KillTimer
SendNotifyMessageA
SetRect
GetParent
PostThreadMessageA
RedrawWindow
SendMessageA
RegisterWindowMessageA
CreateDialogParamA
SetFocus
GetDC
ReleaseDC
SetWindowLongA
GetWindowLongA
LoadCursorA
PeekMessageA
wsprintfA
MoveWindow
BeginPaint
CreateAcceleratorTableA
InvalidateRect
DestroyWindow
GetWindowTextLengthA
GetDesktopWindow
DestroyAcceleratorTable
GetClassNameA
ShowWindow
GetClassInfoExA
GetClientRect
RegisterClassExA
GetDlgItem
GetSysColor
CopyRect
SetCapture
CharNextA
DefWindowProcA
DispatchMessageA
SendMessageTimeoutA
ReleaseCapture
GetQueueStatus
MsgWaitForMultipleObjects
UnregisterClassA
InvalidateRgn
IsWindow
GetWindowRect
CreateWindowExA
PostMessageA
GetFocus
GetWindow
SetWindowPos

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

WideCharToMultiByte
CreateFileW
GetShortPathNameW
DisableThreadLibraryCalls
CreateFileMappingA
LocalAlloc
GetProcessAffinityMask
GlobalSize
CreateFileA
Sleep
UnmapViewOfFile
GetTickCount
GlobalAlloc
EnumResourceTypesW
LocalFree
MapViewOfFile
GlobalFree
GetFileAttributesA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipCreateBitmapFromFileICM
GdipFree
GdipDisposeImage
GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromFile
GdipCloneImage

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ee181e6a4fc60c62229869bb1f6ab23

Headers

File Characteristics

Imports

gdi32

wininet

version

ole32

advapi32

shell32

user32

setupapi

kernel32

shlwapi

gdiplus

winmm

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 67KB - Virtual size: 67KB

.tls Size: 1024B - Virtual size: 376KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 67KB - Virtual size: 67KB

.tls
Size: 1024B - Virtual size: 376KB