e228080203edcac78ec33dc026baed23_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e228080203edcac78ec33dc026baed23_JaffaCakes118
Size

173KB
MD5

e228080203edcac78ec33dc026baed23
SHA1

a34275cec5cc0694d2a83655bffd6adb3950a942
SHA256

ec1ba6a18c4b73f82dd62949b4acda531804cbf0c096582ed09398bfb8619e81
SHA512

21d036cb8714ec4e62c87cc950b96afdd329c18eae94018454716563f11a858cf8ff7aab038261c5bfeeadc841e49234aba210607b9e3def3720c0fd1f052763
SSDEEP

3072:UaD5qPHS8eiYJ4oBEEPT+Zf9NUZ/KTwz52qlD5xmn+AVBbozfM7/UY2gxu1tJffN:Pl2y8z2LBEEbEf/UZ/KTwwQDGgf2nxuk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e228080203edcac78ec33dc026baed23_JaffaCakes118

Files

e228080203edcac78ec33dc026baed23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32b3cfc0cf0d0d1b28518d59c81ebcff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseCapture
SetCapture
wsprintfA
PostThreadMessageA
GetDlgItem
GetQueueStatus
KillTimer
GetDC
FillRect
DispatchMessageA
GetClassNameA
IsWindow
SendMessageA
CreateDialogParamA
RegisterWindowMessageA
CopyRect
GetClientRect
InvalidateRgn
wvsprintfA
GetActiveWindow
MoveWindow
GetWindowLongA
UnregisterClassA
EnumDisplayDevicesA
SetFocus
GetWindowRect
GetWindowTextLengthA
EndPaint
ShowWindow
FindWindowA
PostMessageA
CharNextA
DrawTextA
SetRect
GetFocus
DestroyAcceleratorTable
GetSysColor
RegisterClassExA
CreateAcceleratorTableA
GetClassInfoExA
InvalidateRect
BeginPaint
GetDesktopWindow
SetWindowLongA
EqualRect
LoadCursorA
GetParent
ReleaseDC
MsgWaitForMultipleObjects
GetWindowTextA
SendNotifyMessageA
SetTimer
CallWindowProcA
SetParent
DefWindowProcA
GetWindow
IsChild
RedrawWindow
DestroyWindow
CreateWindowExA
SendMessageTimeoutA
SetWindowTextA
PeekMessageA
SetWindowPos

advapi32

RegOpenKeyExA
RegQueryValueExA
CryptImportKey
RegDeleteValueA
CryptAcquireContextA
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyKey
RegSetValueExA
CryptEncrypt
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegCreateKeyExA
CryptDestroyHash
RegQueryInfoKeyA
CryptReleaseContext
RegDeleteKeyA

ole32

BindMoniker
CreateItemMoniker
StringFromGUID2
CoInitialize
StgIsStorageFile
OleLockRunning
CoUninitialize
CoTaskMemAlloc
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
StgCreateDocfile
CoGetClassObject
CoInitializeSecurity
CLSIDFromProgID
CoTaskMemRealloc
CreateBindCtx
OleUninitialize
StgOpenStorage
CoTaskMemFree
GetRunningObjectTable
CoSetProxyBlanket
CLSIDFromString

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

kernel32

GetShortPathNameW
LocalAlloc
GetFileSize
CreateFileMappingA
SetFilePointer
GetProcessAffinityMask
UnmapViewOfFile
GlobalFree
MapViewOfFile
LocalFree
CreateFileW
GlobalAlloc
DisableThreadLibraryCalls
EnumResourceTypesA
GetFileAttributesA
GlobalSize
Sleep
WriteFile
ReadFile
WideCharToMultiByte
CreateFileA
GetTickCount
CloseHandle

gdi32

CreateFontA
CreateDIBSection
GetStockObject
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
GetDeviceCaps
SelectObject
ExtEscape
RealizePalette
CreateCompatibleDC
SetStretchBltMode
DeleteDC
BitBlt
StretchDIBits
CreateDIBitmap
SelectPalette
GetObjectA
GetDIBits
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

winmm

timeGetTime
timeSetEvent

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipDisposeImage
GdipFree
GdipGetImagePixelFormat
GdipAlloc
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCloneImage

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32b3cfc0cf0d0d1b28518d59c81ebcff

Headers

File Characteristics

Imports

user32

advapi32

ole32

setupapi

wininet

version

kernel32

gdi32

shell32

winmm

shlwapi

gdiplus

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 67KB - Virtual size: 66KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 67KB - Virtual size: 66KB

.tls
Size: 1024B - Virtual size: 92KB