e9f516ac3fe6c4d78017a5a28710d25d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9f516ac3fe6c4d78017a5a28710d25d_JaffaCakes118
Size

181KB
MD5

e9f516ac3fe6c4d78017a5a28710d25d
SHA1

d88bc4f8cee26b607a2ee801a3be794110ae52b6
SHA256

1714a3231c757b762d5a3ff8304a1c19ae9a191043b8ba4da3d4735b2adb9d0e
SHA512

0a9fa124faed3531c72c6defcc7847e058692099342bf83034834f9c2c1151b4c3fb48f9bd2b22f839e192d5d8e173bc62025a560dfaad9a87a5734e22a12133
SSDEEP

3072:Ps3Zcxnh7T7hDOoLalowhdwUGoKH83X56aUqtYKsiL6mb4hfrJQMtW:PsU1hCom+whBakgGQh3hfNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9f516ac3fe6c4d78017a5a28710d25d_JaffaCakes118

Files

e9f516ac3fe6c4d78017a5a28710d25d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

281a68dd9b79f3726c2337556725ddce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

user32

GetClassInfoExA
EnumDisplayDevicesA
GetDC
ShowWindow
GetWindowRect
CreateDialogParamA
RegisterWindowMessageA
SetParent
SetWindowLongA
wsprintfA
GetWindowTextLengthA
InvalidateRect
IsWindow
UnregisterClassA
CreateAcceleratorTableA
ReleaseCapture
SetFocus
DefWindowProcA
EqualRect
GetSysColor
DestroyAcceleratorTable
DrawTextA
InvalidateRgn
DispatchMessageA
GetParent
SetRect
GetFocus
GetDesktopWindow
PostMessageA
SendNotifyMessageA
MoveWindow
SetCapture
LoadCursorA
BeginPaint
DestroyWindow
GetClassNameA
GetActiveWindow
GetDlgItem
MsgWaitForMultipleObjects
RegisterClassExA
GetWindowTextA
SetWindowTextA
GetWindow
ReleaseDC
EndPaint
CharNextA
IsChild
wvsprintfA
FindWindowA
CallWindowProcA
GetQueueStatus
FillRect
KillTimer
SendMessageA
GetClientRect
CopyRect
RedrawWindow
SetTimer
CreateWindowExA
PeekMessageA
GetWindowLongA
SendMessageTimeoutA
PostThreadMessageA
SetWindowPos

winmm

timeGetTime
timeSetEvent

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

shlwapi

PathFileExistsW
PathCombineW

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

gdiplus

GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipAlloc
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage

gdi32

SelectPalette
CreateSolidBrush
ExtEscape
GetStockObject
CreateCompatibleBitmap
CreateDIBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
CreateFontA
CreateDIBSection
StretchDIBits
SetStretchBltMode
GetDIBits
GetDeviceCaps
RealizePalette
GetObjectA
SelectObject
BitBlt
SetBkMode

ole32

CreateBindCtx
CoTaskMemFree
CoTaskMemAlloc
StgIsStorageFile
CoInitializeSecurity
CoGetClassObject
CoInitialize
CreateStreamOnHGlobal
StgCreateDocfile
OleInitialize
BindMoniker
CoSetProxyBlanket
StgOpenStorage
CoUninitialize
CoTaskMemRealloc
GetRunningObjectTable
CLSIDFromProgID
StringFromGUID2
CoCreateInstance
CreateItemMoniker
OleLockRunning
OleUninitialize
CLSIDFromString

kernel32

GlobalAlloc
ReadFile
GetShortPathNameW
CreateFileW
WideCharToMultiByte
GlobalFree
CreateFileA
UnmapViewOfFile
GetProcessAffinityMask
GetTickCount
SetFilePointer
MapViewOfFile
EnumResourceTypesA
LocalAlloc
GetFileAttributesA
WriteFile
CreateFileMappingA
LocalFree
DisableThreadLibraryCalls
GlobalSize
Sleep
GetFileSize
CloseHandle

advapi32

RegEnumValueA
CryptDestroyKey
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
CryptImportKey
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyA
CryptEncrypt
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
RegDeleteKeyA

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

281a68dd9b79f3726c2337556725ddce

Headers

File Characteristics

Imports

setupapi

user32

winmm

version

shlwapi

wininet

shell32

gdiplus

gdi32

ole32

kernel32

advapi32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 72KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 72KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 240KB