decdf227e7613d7707e8321fed3d88a3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

decdf227e7613d7707e8321fed3d88a3_JaffaCakes118
Size

192KB
MD5

decdf227e7613d7707e8321fed3d88a3
SHA1

58e4411ef39a413dd544196139b9c7e1f77b62f5
SHA256

855363a60282070ca4f9a141229c94969d20dbd49e6c2cbece4fb1ddd5de1c92
SHA512

16a76163133f3866659669cd0359c41848e5422f4c2f709c7d98327e0a3e236d4c3fc03e92e15638b8f69253062f321b5b7fb3490f005d9fdfff1e9e3767ad12
SSDEEP

3072:MEfSCGk50HlHhzTD9++Mg/2P744Gc2WvjqeqNXiuC2dHjwYqG4j:MEqCGk50FN9hSZJ27fcuZp8YqGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
decdf227e7613d7707e8321fed3d88a3_JaffaCakes118

Files

decdf227e7613d7707e8321fed3d88a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

140137b3ed53fc470b13fab8c989bd5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDestroyHash
RegDeleteValueA
CryptHashData
RegCreateKeyExA
CryptImportKey
RegEnumKeyExA
CryptDestroyKey
RegQueryInfoKeyA
RegEnumValueA
CryptCreateHash
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptEncrypt
RegOpenKeyExA
RegSetValueExA
CryptReleaseContext
CryptGetHashParam
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

user32

FindWindowA
UnregisterClassA
DrawTextA
CreateWindowExA
CallWindowProcA
GetActiveWindow
RedrawWindow
GetWindowTextA
DestroyWindow
KillTimer
ShowWindow
LoadCursorA
BeginPaint
GetWindow
DefWindowProcA
SetRect
GetParent
RegisterClassExA
SetTimer
FillRect
IsWindow
CopyRect
GetQueueStatus
InvalidateRect
GetClassNameA
EqualRect
GetWindowLongA
GetDlgItem
GetClientRect
SetFocus
SetWindowTextA
CreateAcceleratorTableA
SendMessageTimeoutA
GetWindowRect
DispatchMessageA
GetWindowTextLengthA
wsprintfA
SetParent
ReleaseDC
SetCapture
DestroyAcceleratorTable
MoveWindow
PostMessageA
InvalidateRgn
PeekMessageA
GetSysColor
IsChild
EndPaint
GetFocus
wvsprintfA
MsgWaitForMultipleObjects
SendMessageA
CharNextA
SetWindowLongA
EnumDisplayDevicesA
RegisterWindowMessageA
ReleaseCapture
GetDC
SendNotifyMessageA
CreateDialogParamA
GetClassInfoExA
GetDesktopWindow
PostThreadMessageA
SetWindowPos

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

CreateFileA
GetLongPathNameW
GetFileSize
CreateFileW
WideCharToMultiByte
CreateFileMappingA
Sleep
MapViewOfFile
GetProcessHandleCount
LocalFree
EnumResourceTypesA
GlobalSize
LocalAlloc
GlobalAlloc
SetFilePointer
ReadFile
GlobalFree
GetFileAttributesA
UnmapViewOfFile
DisableThreadLibraryCalls
WriteFile
GetTickCount
CloseHandle

ole32

StringFromGUID2
OleLockRunning
CoInitialize
CreateItemMoniker
OleUninitialize
CoTaskMemRealloc
CoTaskMemFree
CLSIDFromProgID
BindMoniker
CreateBindCtx
StgOpenStorage
OleInitialize
CoSetProxyBlanket
CreateStreamOnHGlobal
CoUninitialize
StgIsStorageFile
GetRunningObjectTable
CoInitializeSecurity
CoCreateInstance
CoTaskMemAlloc
StgCreateDocfile
CoGetClassObject
CLSIDFromString

gdi32

GetObjectA
CreateCompatibleDC
GetDeviceCaps
GetStockObject
ExtEscape
BitBlt
DeleteObject
SelectPalette
GetDIBits
CreateDIBSection
DeleteDC
CreateDIBitmap
StretchDIBits
CreateSolidBrush
CreateCompatibleBitmap
SetStretchBltMode
CreateFontA
SelectObject
RealizePalette
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

140137b3ed53fc470b13fab8c989bd5d

Headers

File Characteristics

Imports

advapi32

shlwapi

user32

wininet

setupapi

kernel32

ole32

gdi32

shell32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 108KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 108KB