dce456aa561e3f4d8bb5066ceac847aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dce456aa561e3f4d8bb5066ceac847aa_JaffaCakes118
Size

179KB
MD5

dce456aa561e3f4d8bb5066ceac847aa
SHA1

aa7c3364fd24aa23d7301a6c653aae0a01f41cb0
SHA256

4e9227f3990cad0968e0db8f6c730049eae76f316d45c772fb5a2b291d5f2ace
SHA512

c7a15503df5eca34e434d04f1f3b3cb041385753e8fa4690042c0c80592808c663aa128c17a813549868f4de04a6bd9fa8fb8bb03d92051dc726db6b84f2a5e9
SSDEEP

3072:dHEPf1WRuabqZnQJs89RzWmuwVhgr65L797mtPoNTL55BCalwG7:SJNysIRSu9HV55B1G8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dce456aa561e3f4d8bb5066ceac847aa_JaffaCakes118

Files

dce456aa561e3f4d8bb5066ceac847aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c48de28d3f38abfcfa86bbccc4b9a2a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipGetImagePixelFormat
GdipFree
GdipCreateBitmapFromFile
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipCloneImage

ole32

OleUninitialize
CreateItemMoniker
GetRunningObjectTable
StgCreateDocfile
OleInitialize
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
OleLockRunning
CLSIDFromProgID
CoUninitialize
StgOpenStorage
CreateStreamOnHGlobal
CoTaskMemAlloc
CreateBindCtx
CoSetProxyBlanket
StgIsStorageFile
BindMoniker
CoCreateInstance
StringFromGUID2
CoInitializeSecurity
CoGetClassObject
CLSIDFromString

kernel32

DisableThreadLibraryCalls
CreateFileW
GetShortPathNameW
Sleep
WideCharToMultiByte
GetProcessAffinityMask
CreateFileA
WriteFile
LocalFree
ReadFile
GetTickCount
SetFilePointer
EnumResourceTypesW
MapViewOfFile
CreateFileMappingA
LocalAlloc
GlobalSize
GetFileAttributesA
UnmapViewOfFile
GetFileSize
GlobalAlloc
GlobalFree
CloseHandle

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
CryptAcquireContextA
CryptDestroyHash
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptGetHashParam
RegCloseKey
RegEnumValueA
CryptEncrypt
RegQueryValueExA
CryptReleaseContext
CryptImportKey
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

user32

PostThreadMessageA
GetWindow
GetParent
GetActiveWindow
CopyRect
ReleaseCapture
CharNextA
LoadCursorA
IsWindow
wvsprintfA
CreateWindowExA
FillRect
SetCapture
GetClientRect
GetDlgItem
GetFocus
DrawTextA
InvalidateRect
SetRect
DestroyAcceleratorTable
SetWindowLongA
GetWindowTextA
DestroyWindow
RegisterWindowMessageA
GetWindowTextLengthA
SetParent
EnumDisplayDevicesA
FindWindowA
CreateDialogParamA
GetQueueStatus
RedrawWindow
IsChild
SetFocus
KillTimer
SendMessageA
CreateAcceleratorTableA
GetSysColor
MoveWindow
SendMessageTimeoutA
GetClassNameA
SetWindowTextA
BeginPaint
GetWindowRect
CallWindowProcA
GetClassInfoExA
GetDC
EndPaint
InvalidateRgn
DefWindowProcA
GetWindowLongA
EqualRect
PeekMessageA
SetTimer
RegisterClassExA
ShowWindow
GetDesktopWindow
wsprintfA
ReleaseDC
PostMessageA
MsgWaitForMultipleObjects
DispatchMessageA
SendNotifyMessageA
UnregisterClassA
SetWindowPos

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

gdi32

StretchDIBits
RealizePalette
DeleteDC
CreateDIBitmap
CreateDIBSection
ExtEscape
CreateCompatibleDC
CreateFontA
SelectObject
CreateSolidBrush
BitBlt
DeleteObject
GetDIBits
SelectPalette
SetStretchBltMode
GetDeviceCaps
CreateCompatibleBitmap
GetObjectA
GetStockObject
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

version

GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA

winmm

timeGetTime
timeSetEvent

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c48de28d3f38abfcfa86bbccc4b9a2a2

Headers

File Characteristics

Imports

gdiplus

ole32

kernel32

advapi32

shlwapi

wininet

user32

setupapi

gdi32

shell32

version

winmm

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 72KB - Virtual size: 72KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 72KB - Virtual size: 72KB

.tls
Size: 1024B - Virtual size: 244KB