df5de37c13e3170aefd3946ef2ee8f76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df5de37c13e3170aefd3946ef2ee8f76_JaffaCakes118
Size

167KB
MD5

df5de37c13e3170aefd3946ef2ee8f76
SHA1

3e9339b7dfbc60433088e596ba65bc1031185ee7
SHA256

965559131c5a14a0fe4816230a0ea4bfed616c86c8639faca607be8d37036ebe
SHA512

ef4d65f3c479bf61dc2bf753f9c39a2b2c89ca93786d1c88068aaf16163d456fd39e72dab6739428197a5b01ec964dd615008ec4b5616bcdb206faabe465db89
SSDEEP

3072:xdI/VwsTNdO+XJ90XkM1D+b9wg5kt1HLn99nG3MpbVUw0:TIL3O+XJ90t1D+r6rn9MuWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df5de37c13e3170aefd3946ef2ee8f76_JaffaCakes118

Files

df5de37c13e3170aefd3946ef2ee8f76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04f1efb772ea80d936ac6e2bb8df7f93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvalidateRect
ReleaseCapture
GetWindowLongA
RegisterWindowMessageA
PostMessageA
CharNextA
CallWindowProcA
DefWindowProcA
GetSysColor
ReleaseDC
PeekMessageA
GetActiveWindow
GetFocus
SetTimer
SetCapture
SetWindowLongA
DispatchMessageA
GetClassInfoExA
IsWindow
CopyRect
SetRect
SendNotifyMessageA
CreateWindowExA
InvalidateRgn
SetParent
EndPaint
wvsprintfA
GetWindow
IsChild
GetDC
wsprintfA
GetDesktopWindow
PostThreadMessageA
DestroyWindow
SetFocus
GetWindowTextLengthA
GetWindowRect
CreateAcceleratorTableA
SendMessageA
MoveWindow
ShowWindow
RedrawWindow
SendMessageTimeoutA
DrawTextA
GetParent
LoadCursorA
MsgWaitForMultipleObjects
EqualRect
UnregisterClassA
FillRect
BeginPaint
SetWindowTextA
GetClassNameA
GetDlgItem
GetClientRect
RegisterClassExA
KillTimer
GetWindowTextA
FindWindowA
CreateDialogParamA
DestroyAcceleratorTable
GetQueueStatus
EnumDisplayDevicesA
SetWindowPos

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoA
VerQueryValueA

kernel32

GetShortPathNameW
ReadFile
WriteFile
SetFilePointer
WideCharToMultiByte
MapViewOfFile
GetProcessAffinityMask
UnmapViewOfFile
LocalAlloc
GlobalAlloc
DisableThreadLibraryCalls
GlobalFree
EnumResourceTypesW
CreateFileW
GlobalSize
GetFileAttributesA
CreateFileMappingA
Sleep
GetTickCount
LocalFree
CreateFileA
GetFileSize
CloseHandle

shlwapi

PathFileExistsW
PathCombineW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

gdi32

SelectObject
GetDeviceCaps
ExtEscape
GetDIBits
CreateSolidBrush
DeleteObject
SetStretchBltMode
DeleteDC
SelectPalette
RealizePalette
BitBlt
CreateCompatibleBitmap
GetObjectA
CreateDIBSection
StretchDIBits
CreateFontA
CreateDIBitmap
GetStockObject
CreateCompatibleDC
SetBkMode

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

gdiplus

GdipDisposeImage
GdipFree
GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCloneImage

ole32

CoUninitialize
StgOpenStorage
CreateItemMoniker
OleLockRunning
StgCreateDocfile
CreateBindCtx
CoTaskMemFree
GetRunningObjectTable
CoInitialize
CoInitializeSecurity
CoSetProxyBlanket
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
CoCreateInstance
OleUninitialize
StringFromGUID2
OleInitialize
CoTaskMemAlloc
StgIsStorageFile
BindMoniker
CoTaskMemRealloc
CLSIDFromString

advapi32

CryptDestroyHash
CryptGetHashParam
RegQueryInfoKeyA
RegCloseKey
CryptImportKey
CryptHashData
RegSetValueExA
CryptAcquireContextA
CryptCreateHash
CryptDestroyKey
RegOpenKeyExA
CryptEncrypt
RegDeleteValueA
RegEnumValueA
CryptReleaseContext
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04f1efb772ea80d936ac6e2bb8df7f93

Headers

File Characteristics

Imports

user32

version

kernel32

shlwapi

setupapi

gdi32

winmm

shell32

gdiplus

ole32

advapi32

wininet

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 96KB