dd69d11db5a4b151e682f6c37040d451_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd69d11db5a4b151e682f6c37040d451_JaffaCakes118
Size

180KB
MD5

dd69d11db5a4b151e682f6c37040d451
SHA1

e719ce25574b753d34672cec6302dec51ed805bb
SHA256

8e27090c125fd86d831750dbb1d37ba5807b2621908a0de5cf4f53a7a06958d1
SHA512

63bf724b4c7729da99a28eaa4520ec86371a19746bb573a244541913b87dbd792322d7c356462d7a40410adba1bab455135b81618a744c36e3c75e6e01e0ff8d
SSDEEP

3072:YQMFEjfkCwTR0NBxI5/ZClEmU78YDnDaTmqx95EEwKdOdKpIGp93:tICfkCwV0alolTbTR95EEwtdwhp93

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd69d11db5a4b151e682f6c37040d451_JaffaCakes118

Files

dd69d11db5a4b151e682f6c37040d451_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e76a3209419e3e7d3d0662c740162638

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

gdi32

StretchDIBits
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
ExtEscape
DeleteObject
GetStockObject
CreateSolidBrush
SelectObject
CreateDIBitmap
GetDeviceCaps
CreateFontA
CreateDIBSection
CreateCompatibleBitmap
DeleteDC
SetStretchBltMode
GetObjectA
BitBlt
SetBkMode

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

kernel32

SetFilePointer
UnmapViewOfFile
GetShortPathNameW
GlobalFree
GlobalSize
GetTickCount
GetProcessAffinityMask
GlobalAlloc
DisableThreadLibraryCalls
GetFileSize
Sleep
EnumResourceTypesW
LocalFree
CreateFileW
MapViewOfFile
LocalAlloc
WriteFile
GetFileAttributesA
CreateFileMappingA
CreateFileA
WideCharToMultiByte
ReadFile
CloseHandle

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
PathCombineW

ole32

CLSIDFromProgID
CoInitialize
CreateItemMoniker
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
BindMoniker
CoUninitialize
CreateBindCtx
CoSetProxyBlanket
StgOpenStorage
StgIsStorageFile
OleUninitialize
OleLockRunning
CoTaskMemRealloc
StgCreateDocfile
CoInitializeSecurity
CreateStreamOnHGlobal
OleInitialize
CoGetClassObject
StringFromGUID2
GetRunningObjectTable
CLSIDFromString

gdiplus

GdipCreateBitmapFromFile
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipFree
GdipAlloc
GdipGetImagePixelFormat
GdipCloneImage

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

CryptImportKey
CryptCreateHash
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
CryptAcquireContextA
RegQueryInfoKeyA
CryptDestroyKey
RegOpenKeyExA
CryptDestroyHash
CryptGetHashParam
RegQueryValueExA
CryptEncrypt
RegCloseKey
RegEnumValueA
CryptReleaseContext
CryptHashData
RegDeleteKeyA

user32

EnumDisplayDevicesA
SetRect
ShowWindow
MsgWaitForMultipleObjects
GetDesktopWindow
GetClassInfoExA
SetWindowTextA
GetSysColor
InvalidateRgn
KillTimer
GetFocus
SendNotifyMessageA
GetClassNameA
CopyRect
LoadCursorA
MoveWindow
UnregisterClassA
BeginPaint
DestroyAcceleratorTable
GetDC
EndPaint
GetWindowLongA
GetDlgItem
GetWindow
DestroyWindow
SetParent
GetQueueStatus
PeekMessageA
DrawTextA
PostMessageA
CreateDialogParamA
FindWindowA
SendMessageTimeoutA
FillRect
RegisterWindowMessageA
PostThreadMessageA
IsChild
RegisterClassExA
GetWindowTextA
CharNextA
SendMessageA
GetWindowTextLengthA
CreateAcceleratorTableA
InvalidateRect
ReleaseCapture
DispatchMessageA
SetCapture
wsprintfA
IsWindow
CreateWindowExA
SetTimer
GetWindowRect
GetClientRect
ReleaseDC
DefWindowProcA
GetParent
SetWindowLongA
SetFocus
EqualRect
CallWindowProcA
wvsprintfA
GetActiveWindow
RedrawWindow
SetWindowPos

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e76a3209419e3e7d3d0662c740162638

Headers

File Characteristics

Imports

winmm

gdi32

wininet

kernel32

version

setupapi

shlwapi

ole32

gdiplus

shell32

advapi32

user32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 66KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 66KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 244KB