e0acf2c9dee16add4fcd9caeba11dd35_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e0acf2c9dee16add4fcd9caeba11dd35_JaffaCakes118
Size

185KB
MD5

e0acf2c9dee16add4fcd9caeba11dd35
SHA1

54c09bcd2cfe21a90cdb8d50d4f2c61a87f60632
SHA256

2fb8b4becdc99129a12080a582b36e8a8bcb1e15abe78ea42bd477ebe40a3c32
SHA512

907e306ddafdbb3ce49c892adafbb951eade378f10213a9b19f16c8734d857c04863d43b3bb7eecf3a98d728398d9ccc8972963bd82d770106b50a8d9524fa66
SSDEEP

3072:OZExq22z0RiOhMtsV3mMHP/kKERIXhvHt44uwDverODY0K5EDok2BMl3BPqrPF1w:O2q22zIHhMtsV3m4PsOS4eUY0ErMJBP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0acf2c9dee16add4fcd9caeba11dd35_JaffaCakes118

Files

e0acf2c9dee16add4fcd9caeba11dd35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23374980b6583eaf2be5a85860dc67aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathCombineW

user32

GetQueueStatus
SetWindowTextA
SetTimer
ReleaseDC
KillTimer
SetParent
GetSysColor
SetRect
ReleaseCapture
GetClassInfoExA
MoveWindow
CharNextA
CopyRect
EqualRect
SendNotifyMessageA
ShowWindow
IsWindow
RegisterWindowMessageA
PeekMessageA
SendMessageA
PostThreadMessageA
SetCapture
GetWindow
GetParent
UnregisterClassA
SetWindowLongA
DispatchMessageA
BeginPaint
DestroyWindow
InvalidateRgn
CreateWindowExA
InvalidateRect
RedrawWindow
DestroyAcceleratorTable
GetWindowTextLengthA
GetActiveWindow
SendMessageTimeoutA
GetWindowLongA
CreateAcceleratorTableA
GetWindowTextA
GetClientRect
GetDlgItem
MsgWaitForMultipleObjects
wvsprintfA
SetFocus
GetClassNameA
GetDesktopWindow
FillRect
GetFocus
LoadCursorA
GetWindowRect
GetDC
FindWindowA
DefWindowProcA
EnumDisplayDevicesA
CallWindowProcA
CreateDialogParamA
IsChild
DrawTextA
RegisterClassExA
wsprintfA
PostMessageA
EndPaint
SetWindowPos

kernel32

ReadFile
GetShortPathNameW
SetFilePointer
WriteFile
MapViewOfFile
GlobalAlloc
GlobalSize
GetProcessId
GlobalFree
UnmapViewOfFile
CreateFileA
GetTickCount
EnumResourceTypesA
WideCharToMultiByte
CreateFileMappingA
GetFileAttributesA
LocalAlloc
GetFileSize
DisableThreadLibraryCalls
Sleep
CreateFileW
LocalFree
CloseHandle

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA

gdi32

CreateCompatibleDC
SelectPalette
SetStretchBltMode
CreateDIBSection
CreateCompatibleBitmap
RealizePalette
GetDIBits
GetObjectA
ExtEscape
CreateSolidBrush
BitBlt
CreateFontA
GetDeviceCaps
DeleteDC
DeleteObject
StretchDIBits
SelectObject
GetStockObject
CreateDIBitmap
SetBkMode

winmm

timeGetTime
timeSetEvent

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

gdiplus

GdipDisposeImage
GdipFree
GdipAlloc
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage

ole32

GetRunningObjectTable
OleInitialize
OleUninitialize
BindMoniker
CoTaskMemRealloc
CoGetClassObject
CoInitializeSecurity
CoTaskMemAlloc
StgIsStorageFile
CoUninitialize
CreateItemMoniker
CoSetProxyBlanket
StgOpenStorage
CoCreateInstance
CLSIDFromProgID
StgCreateDocfile
OleLockRunning
CreateStreamOnHGlobal
StringFromGUID2
CoInitialize
CreateBindCtx
CoTaskMemFree
CLSIDFromString

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

advapi32

RegSetValueExA
RegEnumKeyExA
CryptAcquireContextA
RegCloseKey
CryptDestroyKey
RegDeleteValueA
CryptEncrypt
CryptCreateHash
RegEnumValueA
RegCreateKeyExA
CryptDestroyHash
CryptReleaseContext
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
CryptHashData
CryptGetHashParam
CryptImportKey
RegDeleteKeyA

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23374980b6583eaf2be5a85860dc67aa

Headers

File Characteristics

Imports

shlwapi

user32

kernel32

version

gdi32

winmm

shell32

wininet

gdiplus

ole32

setupapi

advapi32

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 74KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 74KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 368KB